CVE-2006-3067
https://notcve.org/view.php?id=CVE-2006-3067
Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) "long column list" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of values in an IN clause, possibly related to a buffer overflow. Múltiples vulnerabilidades no especificadas en IBM DB2 Universal Database (UDB), anterior a v8.1 FixPak 12 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) a través de un (1) "lista larga columna" en el REPLACE (a) e INSERT INTO (b) en porciones del comando de carga o un número (2) gran cantidad de valores en una cláusula IN, posiblemente relacionado con un desbordamiento de búfer. • http://secunia.com/advisories/20579 http://www-1.ibm.com/support/docview.wss?uid=swg1IY76767 http://www-1.ibm.com/support/docview.wss?uid=swg1IY82725 http://www.osvdb.org/27992 http://www.osvdb.org/27993 http://www.osvdb.org/29860 http://www.vupen.com/english/advisories/2006/2332 https://exchange.xforce.ibmcloud.com/vulnerabilities/27099 https://exchange.xforce.ibmcloud.com/vulnerabilities/27101 •
CVE-2006-3068
https://notcve.org/view.php?id=CVE-2006-3068
IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote attackers to cause a denial of service (application crash) by sending "incorrect information ... regarding the package name/creator," which leads to a "memory overwrite." IBM DB2 Universal Database (UDB), anterior a v8.2 FixPak 12 permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) mediante el envío de "información incorrecta ... sobre el nombre del paquete / creador", que conduce a una "memoria sobrescribir". • http://secunia.com/advisories/20579 http://www-1.ibm.com/support/docview.wss?uid=swg1IY79204 http://www.osvdb.org/29862 http://www.vupen.com/english/advisories/2006/2332 • CWE-399: Resource Management Errors •
CVE-2005-4740
https://notcve.org/view.php?id=CVE-2005-4740
IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by "connecting from a downlevel client." • http://secunia.com/advisories/17031 http://www-1.ibm.com/support/docview.wss?uid=swg1JR21329 http://www.securityfocus.com/bid/15126 •
CVE-2005-4863
https://notcve.org/view.php?id=CVE-2005-4863
Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter. • http://marc.info/?l=bugtraq&m=110494995113579&w=2 http://secunia.com/advisories/12733 http://www-1.ibm.com/support/docview.wss?uid=swg21181228 http://www-1.ibm.com/support/search.wss?rs=0&q=IY62039&apar=only http://www.nextgenss.com/advisories/db205012005A.txt http://www.securityfocus.com/bid/11397 https://exchange.xforce.ibmcloud.com/vulnerabilities/17615 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2005-4738
https://notcve.org/view.php?id=CVE-2005-4738
IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges. • http://secunia.com/advisories/17031 http://www-1.ibm.com/support/docview.wss?uid=swg1IY71865 http://www.securityfocus.com/bid/15126 •