Page 9 of 57 results (0.002 seconds)

CVSS: 6.8EPSS: 2%CPEs: 24EXPL: 0

Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow. • http://marc.info/?l=bugtraq&m=110495251101381&w=2 http://secunia.com/advisories/12733 http://www-1.ibm.com/support/docview.wss?uid=swg1IY61492 http://www.nextgenss.com/advisories/db205012005D.txt http://www.securityfocus.com/bid/11401 https://exchange.xforce.ibmcloud.com/vulnerabilities/17613 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.2EPSS: 0%CPEs: 20EXPL: 0

Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable. • http://marc.info/?l=bugtraq&m=110495092105541&w=2 http://secunia.com/advisories/12733 http://www-1.ibm.com/support/docview.wss?uid=swg1IY62042 http://www.ngssoftware.com/advisories/db205012005B.txt http://www.securityfocus.com/bid/11390 https://exchange.xforce.ibmcloud.com/vulnerabilities/17616 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0

IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password. • http://www.ngssoftware.com/papers/database-on-xp.pdf http://www.securityfocus.com/bid/15452 •

CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0

Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vendor. Vulnerabilidad desconocida de "alto riesgo" en DB2 Universal Database 8.1 y anteriores con impacto y vectores de ataque desconocidos. • http://marc.info/?l=bugtraq&m=110801212422825&w=2 http://www.ngssoftware.com/advisories/db2-09-05-05.htm http://www.securityfocus.com/bid/12508 •

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0

Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure. • http://marc.info/?l=bugtraq&m=110382462924162&w=2 http://marc.info/?l=bugtraq&m=110382730431065&w=2 http://www.ngssoftware.com/advisories/db223122004K.txt http://www.ngssoftware.com/advisories/db223122004L.txt http://www.securityfocus.com/bid/11089 https://exchange.xforce.ibmcloud.com/vulnerabilities/18663 https://exchange.xforce.ibmcloud.com/vulnerabilities/18682 •