CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0CVE-2007-5090
https://notcve.org/view.php?id=CVE-2007-5090
Unspecified vulnerability in IBM Rational ClearQuest (CQ), when a Microsoft SQL Server or an IBM DB2 database is used, allows attackers to corrupt data via unspecified vectors. Vulnerabilidad sin especificar en el IBM Rational ClearQuest (CQ), cuando se utilizan las bases de datos Microsoft SQL Server o IBM DB2, permite a atacantes remotos corromper los datos a través de vectores sin especificar. • http://osvdb.org/40598 http://secunia.com/advisories/26899 http://www-1.ibm.com/support/docview.wss?uid=swg21268116 http://www.securityfocus.com/bid/25810 http://www.securitytracker.com/id?1018735 http://www.vupen.com/english/advisories/2007/3264 https://exchange.xforce.ibmcloud.com/vulnerabilities/36771 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 3%CPEs: 3EXPL: 0CVE-2007-4423
https://notcve.org/view.php?id=CVE-2007-4423
Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument. Un desbordamiento de búfer en la región stack de la memoria en la función AUTH_LIST_GROUPS_FOR_AUTHID en IBM DB2 UDB versión 9.1 anterior a Fixpak 3, permite a atacantes causar una denegación de servicio y posiblemente ejecutar código arbitrario por medio de un argumento largo. • http://secunia.com/advisories/26471 http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01828 http://www-1.ibm.com/support/docview.wss?uid=swg21255607 http://www.appsecinc.com/resources/alerts/db2/2007-01.shtml http://www.attrition.org/pipermail/vim/2007-August/001765.html http://www.securityfocus.com/archive/1/478313/100/0/threaded http://www.securityfocus.com/bid/25339 http://www.securitytracker.com/id?1018640 http://www.vupen.com/english/advisories/2007/2912 https:/&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4418
https://notcve.org/view.php?id=CVE-2007-4418
IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, which allows remote authenticated users with a certain SELECT privilege to have an unknown impact via unspecified vectors. NOTE: this issue is probably related to CVE-2007-1089, but this is uncertain due to lack of details. IBM DB2 UDB 8 anterior al Fixpak 15 no comprueba adecuadamente la autorización, lo cual permite a usuarios autenticados remotamente con un determinado privilegio SELECT tener un impacto desconocido a través de vectores no especificados. NOTA: este problema está probablemente relacionado con CVE-2007-1089, pero no está claro debido a una falta de detalles. • http://secunia.com/advisories/26471 http://www-1.ibm.com/support/docview.wss?uid=swg1JR25940 http://www-1.ibm.com/support/docview.wss?uid=swg21255352 http://www.attrition.org/pipermail/vim/2007-August/001765.html http://www.securityfocus.com/bid/25339 http://www.vupen.com/english/advisories/2007/2912 https://exchange.xforce.ibmcloud.com/vulnerabilities/36109 •
CVSS: 6.0EPSS: 0%CPEs: 2EXPL: 0CVE-2007-4417
https://notcve.org/view.php?id=CVE-2007-4417
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on methods, which allows remote authenticated users to execute a method after revocation until the routine auth cache is flushed. IBM DB2 UDB 8 anterior al Fixpak 15 y 9.1 anterior al Fixpak 3 no revoca adecuadamente los privilegios sobre los métodos, lo cual permite a usuarios autenticados remotamente ejecutar un método después de la revocación hasta que se renueva la caché de autenticación de la rutina. • http://secunia.com/advisories/26471 http://www-1.ibm.com/support/docview.wss?uid=swg1IY88158 http://www-1.ibm.com/support/docview.wss?uid=swg1IY88226 http://www-1.ibm.com/support/docview.wss?uid=swg21255352 http://www-1.ibm.com/support/docview.wss?uid=swg21255607 http://www.attrition.org/pipermail/vim/2007-August/001765.html http://www.securityfocus.com/bid/25339 http://www.vupen.com/english/advisories/2007/2912 https://exchange.xforce.ibmcloud.com/vulnerabilities/36108 •
CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0CVE-2007-4276
https://notcve.org/view.php?id=CVE-2007-4276
Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer. Desbordamiento de búfer basado en pila en IBM DB2 UDB 8 anterior a Fixpak 15 y 9.1 anterior a Fixpak 3 permite a atacantes ejecutar código de su elección a través de un largo DASPROF y posiblemente otras variables de entorno, las cuales son copiadas dentro del búfer buildDasPaths. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=583 http://secunia.com/advisories/26471 http://securitytracker.com/id?1018581 http://www-1.ibm.com/support/docview.wss?uid=swg1IY97346 http://www-1.ibm.com/support/docview.wss?uid=swg1IY99311 http://www-1.ibm.com/support/docview.wss? • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •