
CVSS: 7.2 | EPSS: 0% | CPEs: 16 | EXPL: 0

Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter.
• http://marc.info/?l=bugtraq&m=110494995113579&w=2 http://secunia.com/advisories/12733 http://www-1.ibm.com/support/docview.wss?uid=swg21181228 http://www-1.ibm.com/support/search.wss?rs=0&q=IY62039&apar=only http://www.nextgenss.com/advisories/db205012005A.txt http://www.securityfocus.com/bid/11397 https://exchange.xforce.ibmcloud.com/vulnerabilities/17615
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 7.1 | EPSS: 0% | CPEs: 5 | EXPL: 1

Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service.
• https://www.exploit-db.com/exploits/24678 http://marc.info/?l=bugtraq&m=110495402231836&w=2 http://secunia.com/advisories/12733 http://www-1.ibm.com/support/docview.wss?uid=swg21181228 http://www.nextgenss.com/advisories/db205012005F.txt http://www.securityfocus.com/bid/11402 https://exchange.xforce.ibmcloud.com/vulnerabilities/17605
• CWE-732: Incorrect Permission Assignment for Critical Resource

CVSS: 10.0 | EPSS: 22% | CPEs: 24 | EXPL: 0

Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname.
• http://marc.info/?l=bugtraq&m=110495173031208&w=2 http://secunia.com/advisories/12733 http://www-1.ibm.com/support/docview.wss?uid=swg1IY62041 http://www-1.ibm.com/support/docview.wss?uid=swg21181228 http://www.nextgenss.com/advisories/db205012005C.txt http://www.securityfocus.com/bid/11399 https://exchange.xforce.ibmcloud.com/vulnerabilities/17611
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 9.3 | EPSS: 31% | CPEs: 24 | EXPL: 0

Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter.
• http://marc.info/?l=bugtraq&m=110495332301120&w=2 http://secunia.com/advisories/12733 http://www-1.ibm.com/support/docview.wss?uid=swg21181228 http://www-1.ibm.com/support/search.wss?rs=0&q=IY62040&apar=only http://www.ngssoftware.com/advisories/db205012005E.txt http://www.securityfocus.com/bid/11396 https://exchange.xforce.ibmcloud.com/vulnerabilities/17612
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 6.8 | EPSS: 2% | CPEs: 24 | EXPL: 0

Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary code by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow.
• http://marc.info/?l=bugtraq&m=110495251101381&w=2 http://secunia.com/advisories/12733 http://www-1.ibm.com/support/docview.wss?uid=swg1IY61492 http://www.nextgenss.com/advisories/db205012005D.txt http://www.securityfocus.com/bid/11401 https://exchange.xforce.ibmcloud.com/vulnerabilities/17613
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer