CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 1CVE-2007-5758
https://notcve.org/view.php?id=CVE-2007-5758
Stack-based buffer overflow in db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to execute arbitrary code via a long DASPROF environment variable. Desbordamiento de búfer basado en pila en db2dasrrm del DB2 Administration Server (DAS) en IBM DB2 Universal Database 9.5 anterior a Fix Pack 1, 9.1 anterior a Fix Pack 4a, y 8 anterior a FixPak 16; permite a usuarios locales ejecutar código de su elección mediante una larga variable de entorno DASPROF. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=689 http://secunia.com/advisories/29784 http://www.securityfocus.com/bid/27870 http://www.securitytracker.com/id?1019853 http://www.vupen.com/english/advisories/2008/1237/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41847 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.9EPSS: 0%CPEs: 3EXPL: 0CVE-2007-5664
https://notcve.org/view.php?id=CVE-2007-5664
db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization. db2dasrrm en DB2 Administration Server (DAS) de IBM DB2 Universal Database 9.5 anterior al Fix Pack 1, 9.1 anterior al Fix Pack 4a, y 8 anterior al FixPak 16, permite a usuarios locales sobrescribir ficheros de su elección a través de un ataque de enlace simbólico sobre archivos usados para su inicialización. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=688 http://secunia.com/advisories/29784 http://www.securityfocus.com/bid/27870 http://www.securitytracker.com/id?1019852 http://www.vupen.com/english/advisories/2008/1237/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41848 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2008-1681
https://notcve.org/view.php?id=CVE-2008-1681
Unspecified vulnerability in IBM DB2 Content Manager before 8.3 FP8 has unknown impact and attack vectors related to the AllowedTrustedLogin privilege. Vulnerabilidad sin especificar en IBM DB2 Content Manager, antes de 8.3 FP8, tiene un efecto y unos vectores de ataque desconocidos relacionados con los privilegios de AllowedTrustedLogin • http://publib.boulder.ibm.com/infocenter/cmgmt/v8r3m0/topic/com.ibm.cmgmtreadmefp.doc/aparlist.htm http://secunia.com/advisories/29647 http://www-1.ibm.com/support/docview.wss?uid=swg1IO07690 http://www-1.ibm.com/support/docview.wss?uid=swg27011946&aid=1 http://www.securityfocus.com/bid/28567 http://www.vupen.com/english/advisories/2008/1070/references https://exchange.xforce.ibmcloud.com/vulnerabilities/41585 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2008-0696
https://notcve.org/view.php?id=CVE-2008-0696
IBM DB2 UDB before 8.2 Fixpak 16 does not properly check authorization for the ALTER TABLE statement, which has unknown impact and attack vectors. IBM DB2 UDB antes de 8.2 Fixpak 16 no comprueba la autorización correctamente para la sentencia ALTER TABLE, lo que tiene un impacto desconocido y vectores de ataque. • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT http://secunia.com/advisories/28771 http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07337 http://www.vupen.com/english/advisories/2008/0401 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2008-0698
https://notcve.org/view.php?id=CVE-2008-0698
Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 has unknown attack vectors, and an impact probably involving "invalid memory access." Vulnerabilidad de desbordamiento de búfer en BM DB2 UDB anterior a la v8.2 Fixpak 16 tiene un vector de ataque desconocido, y un impacto probablemente relacionado con un "acceso inválido a memoria". • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT http://secunia.com/advisories/28771 http://www-1.ibm.com/support/docview.wss?uid=swg1IZ05496 http://www.securityfocus.com/bid/27681 http://www.vupen.com/english/advisories/2008/0401 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •