CVSS: 10.0EPSS: 22%CPEs: 24EXPL: 0CVE-2005-4865
https://notcve.org/view.php?id=CVE-2005-4865
Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname. • http://marc.info/?l=bugtraq&m=110495173031208&w=2 http://secunia.com/advisories/12733 http://www-1.ibm.com/support/docview.wss?uid=swg1IY62041 http://www-1.ibm.com/support/docview.wss?uid=swg21181228 http://www.nextgenss.com/advisories/db205012005C.txt http://www.securityfocus.com/bid/11399 https://exchange.xforce.ibmcloud.com/vulnerabilities/17611 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.1EPSS: 0%CPEs: 5EXPL: 1CVE-2005-4868 – IBM DB2 - Universal Database Information Disclosure
https://notcve.org/view.php?id=CVE-2005-4868
Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service. • https://www.exploit-db.com/exploits/24678 http://marc.info/?l=bugtraq&m=110495402231836&w=2 http://secunia.com/advisories/12733 http://www-1.ibm.com/support/docview.wss?uid=swg21181228 http://www.nextgenss.com/advisories/db205012005F.txt http://www.securityfocus.com/bid/11402 https://exchange.xforce.ibmcloud.com/vulnerabilities/17605 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 2.1EPSS: 0%CPEs: 1EXPL: 1CVE-2005-4869 – IBM DB2 DTS To String Conversion - Denial of Service
https://notcve.org/view.php?id=CVE-2005-4869
The (1) to_char and (2) to_date function in IBM DB2 8.1 allows local users to cause a denial of service (application crash) via an empty string in the second parameter, which causes a null pointer dereference. • https://www.exploit-db.com/exploits/24677 http://marc.info/?l=bugtraq&m=110495483501494&w=2 http://secunia.com/advisories/12733 http://www-1.ibm.com/support/docview.wss?uid=swg1IY61781 http://www.nextgenss.com/advisories/db205012005G.txt http://www.securityfocus.com/bid/11400 https://exchange.xforce.ibmcloud.com/vulnerabilities/17614 •
CVSS: 9.3EPSS: 31%CPEs: 24EXPL: 0CVE-2005-4867
https://notcve.org/view.php?id=CVE-2005-4867
Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter. • http://marc.info/?l=bugtraq&m=110495332301120&w=2 http://secunia.com/advisories/12733 http://www-1.ibm.com/support/docview.wss?uid=swg21181228 http://www-1.ibm.com/support/search.wss?rs=0&q=IY62040&apar=only http://www.ngssoftware.com/advisories/db205012005E.txt http://www.securityfocus.com/bid/11396 https://exchange.xforce.ibmcloud.com/vulnerabilities/17612 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 20EXPL: 0CVE-2005-4864
https://notcve.org/view.php?id=CVE-2005-4864
Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable. • http://marc.info/?l=bugtraq&m=110495092105541&w=2 http://secunia.com/advisories/12733 http://www-1.ibm.com/support/docview.wss?uid=swg1IY62042 http://www.ngssoftware.com/advisories/db205012005B.txt http://www.securityfocus.com/bid/11390 https://exchange.xforce.ibmcloud.com/vulnerabilities/17616 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •