Page 8 of 60 results (0.008 seconds)

CVSS: 5.0EPSS: 0%CPEs: 17EXPL: 0

CVE-2009-1239

https://notcve.org/view.php?id=CVE-2009-1239

IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate, which might allow attackers to obtain sensitive information via a crafted query. IBM DB2 v9.1 anteriores a FP7 devuelve resultados incorrectos en ciertas situaciones relacionadas con la orden de aplicación de una identificación INNER JOIN y una identificación OUTER JOIN, lo que permitiría a atacantes conseguir información sensible a través de una petición manipulada. • http://www-01.ibm.com/support/docview.wss?uid=swg1JR31886 http://www-01.ibm.com/support/docview.wss?uid=swg21381257 http://www.vupen.com/english/advisories/2009/0912 https://exchange.xforce.ibmcloud.com/vulnerabilities/49864 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 25%CPEs: 35EXPL: 1

CVE-2009-0172 – IBM DB2 < 9.5 pack 3a - Connect Denial of Service

https://notcve.org/view.php?id=CVE-2009-0172

Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream. Vulnerabilidad no especificada en IBM DB2 v9.1 anterior a FP6a y 9.5 anterior a FP3a permite a atacantes remotos causar denegación de servicio a través de una secuencia de datos CONNECT manipulada. • https://www.exploit-db.com/exploits/8344 ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT http://secunia.com/advisories/33529 http://securitytracker.com/id?1021591 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696 http://www-01.ibm.com/sup • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 87%CPEs: 35EXPL: 0

CVE-2009-0173

https://notcve.org/view.php?id=CVE-2009-0173

Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream. Vulnerabilidad no especificada en el servidor en IBM DB2 v9.1 anterior a FP6 y v9.5 anterior a FP3a permite a atacantes remotos causar denegación de servicio (trampa) a través de una secuencia de datos manipulada. • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT http://secunia.com/advisories/33529 http://securitytracker.com/id?1021591 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652 http://www-01.ibm.com/support/docview.wss?uid=swg21363936 http://www • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 0%CPEs: 34EXPL: 0

CVE-2008-4692

https://notcve.org/view.php?id=CVE-2008-4692

The Native Managed Provider for .NET component in IBM DB2 8 before FP17, 9.1 before FP6, and 9.5 before FP2, when a definer cannot maintain objects, preserves views and triggers without marking them inoperative or dropping them, which has unknown impact and attack vectors. El componete Native Managed Provider para .NET en IBM DB2 v8 anterior a FP17, v9.1 anteior a FP6, y v9.5 anterior a FP2, cuando un "definer" no puede mantener objetos, conserva las vistas (Views) y los disparadores (triggers) sin señalarlos como desactivados/no operativos para su ejecución, lo que tiene un impacto y vectores de ataque desconocidos. • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT http://secunia.com/advisories/31787 http://secunia.com/advisories/32368 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22287 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22306 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22307 http://www-01.ibm.com/support/docview.wss?uid=swg27013892 http://www.vupen.com/english/advisories/2008/2893 https://exchange.xforce.ibmcloud&# •

CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0

CVE-2008-4691

https://notcve.org/view.php?id=CVE-2008-4691

Unspecified vulnerability in the SQLNLS_UNPADDEDCHARLEN function in the New Compiler (aka Starburst derived compiler) component in the server in IBM DB2 9.1 before FP6 allows attackers to cause a denial of service (segmentation violation and trap) via unknown vectors. Vulnerabilidad sin especificar en la función SQLNLS_UNPADDEDCHARLEN en el componente New Compiler (también conocido como Starburst derived compiler) en el servidor en IBM DB2 v9.1 anterior a FP6, permite a atacantes remotos provocar una denegación de servicio (violación de segmentación y "trap" -trampa-) a través de vectores desconocidos. • ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT http://secunia.com/advisories/32368 http://www-01.ibm.com/support/docview.wss?uid=swg1LI73364 http://www-01.ibm.com/support/docview.wss?uid=swg27013892 http://www.vupen.com/english/advisories/2008/2893 •