CVE-2006-3067

Severity Score

5.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) "long column list" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of values in an IN clause, possibly related to a buffer overflow.

Múltiples vulnerabilidades no especificadas en IBM DB2 Universal Database (UDB), anterior a v8.1 FixPak 12 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) a través de un (1) "lista larga columna" en el REPLACE (a) e INSERT INTO (b) en porciones del comando de carga o un número (2) gran cantidad de valores en una cláusula IN, posiblemente relacionado con un desbordamiento de búfer.

*Credits: N/A

CVSS Scores

NISTv2 5.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2006-06-19 CVE Reserved
2006-06-19 CVE Published
2023-08-15 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (9)

URL	Tag	Source
http://www.osvdb.org/27992	Vdb Entry
http://www.osvdb.org/27993	Vdb Entry
http://www.osvdb.org/29860	Vdb Entry
http://www.vupen.com/english/advisories/2006/2332	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/27099	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/27101	Vdb Entry

URL	Date	SRC

URL	Date	SRC
http://secunia.com/advisories/20579	2017-07-20
http://www-1.ibm.com/support/docview.wss?uid=swg1IY76767	2017-07-20
http://www-1.ibm.com/support/docview.wss?uid=swg1IY82725	2017-07-20

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Ibm Search vendor "Ibm"		Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database"				<= 8.1 Search vendor "Ibm" for product "Db2 Universal Database" and version " <= 8.1"		fp11		Affected
Ibm Search vendor "Ibm"		Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database"				8.0 Search vendor "Ibm" for product "Db2 Universal Database" and version "8.0"		fp9		Affected
Ibm Search vendor "Ibm"		Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database"				8.1 Search vendor "Ibm" for product "Db2 Universal Database" and version "8.1"		fp10		Affected
Ibm Search vendor "Ibm"		Db2 Universal Database Search vendor "Ibm" for product "Db2 Universal Database"				8.1 Search vendor "Ibm" for product "Db2 Universal Database" and version "8.1"		fp8		Affected