CVE-2005-4738
https://notcve.org/view.php?id=CVE-2005-4738
IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges. • http://secunia.com/advisories/17031 http://www-1.ibm.com/support/docview.wss?uid=swg1IY71865 http://www.securityfocus.com/bid/15126 •
CVE-2005-4737
https://notcve.org/view.php?id=CVE-2005-4737
IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by "abnormally" terminating a connection, which prevents db2agents from being properly cleared. • http://secunia.com/advisories/17031 http://www-1.ibm.com/support/docview.wss?uid=swg1IY71587 http://www.securityfocus.com/bid/15126 •
CVE-2005-4739
https://notcve.org/view.php?id=CVE-2005-4739
IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s050811) allows remote authenticated users to cause a denial of service (application crash) by using a table function for an instance of snapshot_tbreorg, which triggers a trap in sqlnr_EStoE_action. • http://secunia.com/advisories/17031 http://www-1.ibm.com/support/docview.wss?uid=swg1IY72588 http://www.securityfocus.com/bid/15126 •
CVE-2005-4868 – IBM DB2 - Universal Database Information Disclosure
https://notcve.org/view.php?id=CVE-2005-4868
Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service. • https://www.exploit-db.com/exploits/24678 http://marc.info/?l=bugtraq&m=110495402231836&w=2 http://secunia.com/advisories/12733 http://www-1.ibm.com/support/docview.wss?uid=swg21181228 http://www.nextgenss.com/advisories/db205012005F.txt http://www.securityfocus.com/bid/11402 https://exchange.xforce.ibmcloud.com/vulnerabilities/17605 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVE-2005-4871
https://notcve.org/view.php?id=CVE-2005-4871
Certain XML functions in IBM DB2 8.1 run with the privileges of DB2 instead of the logged-in user, which allows remote attackers to create or overwrite files via (1) XMLFileFromVarchar or (2) XMLFileFromClob, or read files via (3) XMLVarcharFromFile or (4) XMLClobFromFile. • http://marc.info/?l=bugtraq&m=110495620513954&w=2 http://secunia.com/advisories/12733 http://www.ngssoftware.com/advisories/db205012005I.txt http://www.securityfocus.com/bid/12170 https://exchange.xforce.ibmcloud.com/vulnerabilities/18761 • CWE-264: Permissions, Privileges, and Access Controls •