Vulnerability-Lookup - Search a vulnerability

Vulnerability from fkie_nvd

Published

2003-11-17 05:00

Modified

2024-11-20 23:45

Severity ?

Summary

Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD command.

References

▼	URL	Tags
	cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0836
	af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0836

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	7.2
	ibm	db2_universal_database	8.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "80DE2026-D9F0-4AAA-97E6-F4FB0EBDB265",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with \"Connect\" privileges to execute arbitrary code via a LOAD command."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en la pila en IBM DB2 Universal Data Base 7.2 anteriores a Fixpak 10 y 10a, y 8.1 anteriores a Fixpak 2 permite a atacantes con privilegios \"connect\" ejecutar c\u00f3digo arbitrario mediante un comando LOAD."
    }
  ],
  "id": "CVE-2003-0836",
  "lastModified": "2024-11-20T23:45:38.153",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-11-17T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0836"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0836"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-21 00:05

Severity ?

Summary

IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by "abnormally" terminating a connection, which prevents db2agents from being properly cleared.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/17031	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY71587
cve@mitre.org	http://www.securityfocus.com/bid/15126	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17031	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY71587
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/15126	Patch

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1.4
ibm	db2_universal_database	8.1.5
ibm	db2_universal_database	8.1.6
ibm	db2_universal_database	8.1.6c
ibm	db2_universal_database	8.1.7
ibm	db2_universal_database	8.1.7b
ibm	db2_universal_database	8.1.8
ibm	db2_universal_database	8.1.8a
ibm	db2_universal_database	8.1.9
ibm	db2_universal_database	8.1.9a

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DFE3DF2-216B-4E71-99BA-7955E44D853C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "00CFC92D-19AC-4515-A4F0-3744C335D975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "83BDA3DD-24B4-4D91-969E-2E779A7EB1A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:*",
              "matchCriteriaId": "82E8AF18-6E6D-4923-9303-A082D4D47B2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D309A217-6A82-4B5C-9C5B-ABD6E27457EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:*",
              "matchCriteriaId": "F79242DD-F95B-4038-B6D9-4ABBE3F51836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "302D906F-312A-4042-976D-6998178102E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:*",
              "matchCriteriaId": "280064D8-0605-488F-AC2D-C2D238F3A69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DA1AE7F-2417-43FD-9CFC-B17D6D4C6212",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D8F7EC6-B67C-470F-8EC3-BC3C72A7989C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by \"abnormally\" terminating a connection, which prevents db2agents from being properly cleared."
    }
  ],
  "evaluatorSolution": "The vulnerabilities have been fixed in Version 8 FixPak 10 (Version 8.2 FixPak 3)",
  "id": "CVE-2005-4737",
  "lastModified": "2024-11-21T00:05:03.657",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17031"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY71587"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/15126"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17031"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY71587"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/15126"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-08-28 17:41

Modified

2024-11-21 00:50

Severity ?

Summary

Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676.

References

URL	Tags
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
cve@mitre.org	http://secunia.com/advisories/29784
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.securityfocus.com/bid/29601	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/45141
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29784
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29601	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/45141

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1961E7E9-35A4-4721-A081-E08D88FC1F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "45610195-E2DF-480B-898B-32EE8707D3E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "3F54309A-BA0E-447A-A115-DDBC20F6B2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "C518666C-29DE-45C0-A68D-74B5E2CEBBBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "C9C156A0-A869-4D16-955D-EC9A6696260C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en el programa DAS server en el componente de la funci\u00f3n Core DAS en IBM DB2 9.1 antes del Fixpak 4a permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) mediante vectores no especificados. NOTA: esto podr\u00eda estar relacionado con CVE-2008-0698."
    }
  ],
  "id": "CVE-2008-3853",
  "lastModified": "2024-11-21T00:50:16.680",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-28T17:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/29784"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45141"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29784"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45141"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-21 00:05

Severity ?

Summary

IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/17031	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY71865	Patch
cve@mitre.org	http://www.securityfocus.com/bid/15126	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17031	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY71865	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/15126	Patch

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1.4
ibm	db2_universal_database	8.1.5
ibm	db2_universal_database	8.1.6
ibm	db2_universal_database	8.1.6c
ibm	db2_universal_database	8.1.7
ibm	db2_universal_database	8.1.7b
ibm	db2_universal_database	8.1.8
ibm	db2_universal_database	8.1.8a
ibm	db2_universal_database	8.1.9
ibm	db2_universal_database	8.1.9a

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DFE3DF2-216B-4E71-99BA-7955E44D853C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "00CFC92D-19AC-4515-A4F0-3744C335D975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "83BDA3DD-24B4-4D91-969E-2E779A7EB1A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:*",
              "matchCriteriaId": "82E8AF18-6E6D-4923-9303-A082D4D47B2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D309A217-6A82-4B5C-9C5B-ABD6E27457EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:*",
              "matchCriteriaId": "F79242DD-F95B-4038-B6D9-4ABBE3F51836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "302D906F-312A-4042-976D-6998178102E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:*",
              "matchCriteriaId": "280064D8-0605-488F-AC2D-C2D238F3A69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DA1AE7F-2417-43FD-9CFC-B17D6D4C6212",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D8F7EC6-B67C-470F-8EC3-BC3C72A7989C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges."
    }
  ],
  "id": "CVE-2005-4738",
  "lastModified": "2024-11-21T00:05:03.820",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17031"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY71865"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/15126"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17031"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY71865"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/15126"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-21 00:05

Severity ?

Summary

IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s050811) allows remote authenticated users to cause a denial of service (application crash) by using a table function for an instance of snapshot_tbreorg, which triggers a trap in sqlnr_EStoE_action.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/17031	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY72588
cve@mitre.org	http://www.securityfocus.com/bid/15126	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17031	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY72588
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/15126	Patch

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1.4
ibm	db2_universal_database	8.1.5
ibm	db2_universal_database	8.1.6
ibm	db2_universal_database	8.1.6c
ibm	db2_universal_database	8.1.7
ibm	db2_universal_database	8.1.7b
ibm	db2_universal_database	8.1.8
ibm	db2_universal_database	8.1.8a
ibm	db2_universal_database	8.1.9
ibm	db2_universal_database	8.1.9a

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DFE3DF2-216B-4E71-99BA-7955E44D853C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "00CFC92D-19AC-4515-A4F0-3744C335D975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "83BDA3DD-24B4-4D91-969E-2E779A7EB1A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:*",
              "matchCriteriaId": "82E8AF18-6E6D-4923-9303-A082D4D47B2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D309A217-6A82-4B5C-9C5B-ABD6E27457EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:*",
              "matchCriteriaId": "F79242DD-F95B-4038-B6D9-4ABBE3F51836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "302D906F-312A-4042-976D-6998178102E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:*",
              "matchCriteriaId": "280064D8-0605-488F-AC2D-C2D238F3A69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DA1AE7F-2417-43FD-9CFC-B17D6D4C6212",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D8F7EC6-B67C-470F-8EC3-BC3C72A7989C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s050811) allows remote authenticated users to cause a denial of service (application crash) by using a table function for an instance of snapshot_tbreorg, which triggers a trap in sqlnr_EStoE_action."
    }
  ],
  "id": "CVE-2005-4739",
  "lastModified": "2024-11-21T00:05:03.967",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17031"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY72588"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/15126"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17031"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY72588"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/15126"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-11-20 20:46

Modified

2024-11-21 00:39

Severity ?

Summary

IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, which might allow attackers to have an unknown impact involving "memory corruption." NOTE: the vendor description of this issue is too vague to be certain that it is security-related.

References

URL	Tags
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ04039
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
cve@mitre.org	http://www.securityfocus.com/bid/26450	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3867
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ04039
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26450	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3867

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
microsoft	windows	*
unix	unix	*
ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7A7C398-5356-45D6-AA5C-53E63BC88DCA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp3a:*:*:*:*:*",
              "matchCriteriaId": "D90DD96D-B5DE-47CD-94EA-E8C058F8D548",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, which might allow attackers to have an unknown impact involving \"memory corruption.\" NOTE: the vendor description of this issue is too vague to be certain that it is security-related."
    },
    {
      "lang": "es",
      "value": "IBM DB2 UDB 9.1 anterior a Fixpak 4 no maneja de forma adecuada la utilizaci\u00f3n de n\u00fameros grandes de descriptores de archivos, lo cual podr\u00eda permitira a atacantes tener un impacto desconocido afectando a \"corrupci\u00f3n de memoria\". NOTA: la descripci\u00f3n del vendedor de este asunto es muy vaga como para afirmar que esta relacionado con la seguridad."
    }
  ],
  "id": "CVE-2007-6053",
  "lastModified": "2024-11-21T00:39:16.443",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-11-20T20:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ04039"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ04039"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-09-28 04:00

Modified

2024-11-20 23:46

Severity ?

Summary

IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs.

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/archive/1/331904	Exploit, Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/8346	Exploit, Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/12826
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/331904	Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/8346	Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/12826

Impacted products

Vendor	Product	Version
ibm	db2	9.0
ibm	db2_universal_database	6.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.2
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFF280E6-CF00-4B71-B58A-2087D339C665",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "489B0F5D-2D6B-4599-BE7A-41A491E6318A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6EA810DB-104E-412A-8B6E-DBB5BEE743A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "56D0096E-8145-4A36-BC18-A9C5C780D1A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "80DE2026-D9F0-4AAA-97E6-F4FB0EBDB265",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:*:windows:*:*:*:*:*",
              "matchCriteriaId": "B4EC24E8-4E4F-4D93-88E6-B27FEB663823",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs."
    },
    {
      "lang": "es",
      "value": "IBM DB2 7.1 y 8.1 permite al usuario bin ganar privilegios de root modificando las librer\u00edas compartidas usadas por programas con setuid de root."
    }
  ],
  "id": "CVE-2003-1052",
  "lastModified": "2024-11-20T23:46:14.407",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-09-28T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/331904"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/8346"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12826"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/331904"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/8346"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12826"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-11-20 20:46

Modified

2024-11-21 00:39

Severity ?

Summary

IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service (divide-by-zero error and DBMS crash), related to an "overflow." NOTE: the vendor description of this issue is too vague to be certain that it is security-related.

References

URL	Tags
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ08205
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
cve@mitre.org	http://www.securityfocus.com/bid/26450	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3867
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ08205
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26450	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3867

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
microsoft	windows	*
unix	unix	*
ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7A7C398-5356-45D6-AA5C-53E63BC88DCA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp3a:*:*:*:*:*",
              "matchCriteriaId": "D90DD96D-B5DE-47CD-94EA-E8C058F8D548",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service (divide-by-zero error and DBMS crash), related to an \"overflow.\" NOTE: the vendor description of this issue is too vague to be certain that it is security-related."
    },
    {
      "lang": "es",
      "value": "IBM DB2 UDB 9.1 anterior a Fixpak 4 no realiza adecuadamente la suma de vector, lo cual permite a atacantes provocar denegaci\u00f3n de servicio (error de divisi\u00f3n por zero y caida DBMS), relacionad con un \"desbordamiento\". NOTA: la descripci\u00f3n del vendedor de este asunto es muy vaga como para afirmar que se trata de un asunto de seguridad."
    }
  ],
  "id": "CVE-2007-6052",
  "lastModified": "2024-11-21T00:39:16.303",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-11-20T20:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ08205"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ08205"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-08-18 21:17

Modified

2024-11-21 00:35

Severity ?

Summary

Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to (1) DB2 instance or FMP startup on Linux and Solaris; (2) exec of executables while running as root on non-Windows systems, as demonstrated by AIX; and unspecified vectors involving (3) db2licm and (4) db2pd.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=582
cve@mitre.org	http://secunia.com/advisories/26471	Patch, Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1018581
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY97922
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY97936
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98176
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98206
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01923
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ02067
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255352	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.attrition.org/pipermail/vim/2007-August/001765.html
cve@mitre.org	http://www.securityfocus.com/bid/25339
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2912
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/36062
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/36064
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=582
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26471	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018581
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY97922
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY97936
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98176
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98206
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01923
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ02067
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255352	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.attrition.org/pipermail/vim/2007-August/001765.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/25339
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2912
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/36062
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/36064

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	*
	ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp14:*:*:*:*:*:*",
              "matchCriteriaId": "A896A825-6BBF-46A4-992D-F80CC0A93D5C",
              "versionEndIncluding": "8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "AD1AACA4-8B6E-4DC7-A63D-7F6D1D1C7575",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to (1) DB2 instance or FMP startup on Linux and Solaris; (2) exec of executables while running as root on non-Windows systems, as demonstrated by AIX; and unspecified vectors involving (3) db2licm and (4) db2pd."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de b\u00fasqueda en ruta no confiable en IBM DB2 UDB 8 anterior a Fixpak 15 y 9.1 anterior a Fixpak 3 permite a usuarios locales ganar privilegios a trav\u00e9s de ciertos vectores relacionados con (1) la instancia DB2 o el arranque FMP sobre Linux y Solaris; (2) el exec de ejecutables cuando funciona como root sobre sistemas no-Windows, como se demostr\u00f3 con AIX; y vectores no especificados afectando a (3)db2licm y (4) db2pd.\r\n"
    }
  ],
  "id": "CVE-2007-4275",
  "lastModified": "2024-11-21T00:35:12.580",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-08-18T21:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=582"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018581"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97922"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97936"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98176"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98206"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01923"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ02067"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36062"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36064"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=582"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97922"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98176"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98206"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01923"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ02067"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36064"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-09-28 04:00

Modified

2024-11-20 23:46

Severity ?

Summary

IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files.

References

URL	Tags
cve@mitre.org	http://www-1.ibm.com/support/search.wss?rs=0&q=IY44841&apar=only	Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/search.wss?rs=0&q=IY44842&apar=only
cve@mitre.org	http://www.securityfocus.com/bid/9243	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/14030
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/search.wss?rs=0&q=IY44841&apar=only	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/search.wss?rs=0&q=IY44842&apar=only
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/9243	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/14030

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	7.0
	ibm	db2_universal_database	8.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6EA810DB-104E-412A-8B6E-DBB5BEE743A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files."
    },
    {
      "lang": "es",
      "value": "IBM DB2 Universal Database 7 antes de FixPak 12 crea ciertos directorios DMS con permisos inseguros (777), lo que permite a usuarios locales modificar o borrar ciertos ficheros DB2."
    }
  ],
  "id": "CVE-2003-1049",
  "lastModified": "2024-11-20T23:46:14.007",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-09-28T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY44841\u0026apar=only"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY44842\u0026apar=only"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/9243"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14030"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY44841\u0026apar=only"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY44842\u0026apar=only"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/9243"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14030"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-11-20 20:46

Modified

2024-11-21 00:39

Severity ?

Summary

Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors.

References

URL	Tags
cve@mitre.org	http://osvdb.org/41014
cve@mitre.org	http://osvdb.org/41015
cve@mitre.org	http://secunia.com/advisories/27667	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03655
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
cve@mitre.org	http://www.securityfocus.com/bid/26450	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3867
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/41014
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/41015
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27667	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03655
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26450	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3867

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
microsoft	windows	*
unix	unix	*
ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7A7C398-5356-45D6-AA5C-53E63BC88DCA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp3a:*:*:*:*:*",
              "matchCriteriaId": "D90DD96D-B5DE-47CD-94EA-E8C058F8D548",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en (1) DB2WATCH y (2) DB2FREEZE \u00e7en IBM DB2 UDB 9.1 anterior a Fixpak 4 tiene un impacto desconocido y vectores de ataque."
    }
  ],
  "id": "CVE-2007-6045",
  "lastModified": "2024-11-21T00:39:14.817",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-11-20T20:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/41014"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/41015"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27667"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03655"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/41014"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/41015"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27667"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03655"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-11-20 20:46

Modified

2024-11-21 00:39

Severity ?

Summary

Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, involving a call to dlopen when the effective uid is root.

References

URL	Tags
cve@mitre.org	http://osvdb.org/41013
cve@mitre.org	http://secunia.com/advisories/27667	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ05461
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
cve@mitre.org	http://www.securityfocus.com/bid/26450	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3867
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/41013
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27667	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ05461
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26450	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3867

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
unix	unix	*
ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7A7C398-5356-45D6-AA5C-53E63BC88DCA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp3a:*:*:*:*:*",
              "matchCriteriaId": "D90DD96D-B5DE-47CD-94EA-E8C058F8D548",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, involving a call to dlopen when the effective uid is root."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en la acci\u00f3n SSL LOAD GSKIT en IBM DB2 UDB 9.1 anterior a Fixpak 4 tiene un impacto desconocido y vectores de ataque, afectando a la llamada a dlopen cuando el uid efectivo es root."
    }
  ],
  "id": "CVE-2007-6049",
  "lastModified": "2024-11-21T00:39:15.883",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-11-20T20:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/41013"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27667"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ05461"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/41013"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27667"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ05461"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2009-01-16 21:30

Modified

2024-11-21 00:59

Severity ?

Summary

Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream.

References

URL	Tags
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
cve@mitre.org	http://secunia.com/advisories/33529	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1021591
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21363936	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653	Patch
cve@mitre.org	http://www.securityfocus.com/bid/33258
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0137
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/47934
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33529	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1021591
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21363936	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33258
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0137
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/47934

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "A96437C6-D2C6-46BC-BC2D-078F6131E8E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "9446F75C-BE15-4DAE-9B96-E80F0EF24C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:*:*:*:*:*:*",
              "matchCriteriaId": "06EA7251-AF53-4A63-B469-97A1316FCFFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:windows:*:*:*:*:*",
              "matchCriteriaId": "CC92F759-749C-4E6A-83B3-C8ADB333054F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:*:*:*:*:*:*",
              "matchCriteriaId": "6E9595EC-7222-4737-96B8-80847399CFF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "3F54309A-BA0E-447A-A115-DDBC20F6B2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "C518666C-29DE-45C0-A68D-74B5E2CEBBBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:windows:*:*:*:*:*",
              "matchCriteriaId": "A3BD177C-6CF6-463D-8999-830DA1BF3E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:*:*:*:*:*:*",
              "matchCriteriaId": "74479A15-2388-4FBA-AE83-1692F22122E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "7D21AED3-42E7-4C07-8DD3-4DFCC40E1460",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "240239CD-9E05-46E0-A42C-13DB5EE8F436",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:windows:*:*:*:*:*",
              "matchCriteriaId": "77828856-BFE6-4D31-90C1-CDB189BA95AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:ga:*:*:*:*:*:*",
              "matchCriteriaId": "E3422821-0C01-4502-AD99-0AFE73751B3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01421A6-B4B4-4F86-87D3-B11AEC1258CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:aix:*:*:*:*:*",
              "matchCriteriaId": "55D8F159-5A2D-4CB6-A7B9-7DCF8A9B82C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "F7E8AA7B-4E40-41B9-8940-95B5F00E11DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:linux:*:*:*:*:*",
              "matchCriteriaId": "C91A9870-C75D-4B49-B1F5-E9CF054D3CA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "B7C7E16D-AC11-4FC0-9534-799926E525EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:windows:*:*:*:*:*",
              "matchCriteriaId": "C1B953D1-0B8F-4C6F-8485-E5E942593015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:aix:*:*:*:*:*",
              "matchCriteriaId": "2098CCDC-1F4B-44AC-976E-E31FED8AD976",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "87FFA2D9-8544-4B12-B02E-8B2198CB3621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:linux:*:*:*:*:*",
              "matchCriteriaId": "BDDEF993-94F0-431F-AC23-86EE3089F61B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:solaris:*:*:*:*:*",
              "matchCriteriaId": "652E829C-0886-4FD6-9513-C1AD844E30AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:windows:*:*:*:*:*",
              "matchCriteriaId": "99A3B7D1-8467-4B9B-ACAC-2D265386F2D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el servidor en IBM DB2 v9.1 anterior  a FP6 y v9.5 anterior a FP3a permite a atacantes remotos causar denegaci\u00f3n de servicio (trampa) a trav\u00e9s de una secuencia de datos manipulada."
    }
  ],
  "id": "CVE-2009-0173",
  "lastModified": "2024-11-21T00:59:16.630",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-01-16T21:30:03.610",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33529"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1021591"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/33258"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/0137"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47934"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33529"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021591"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33258"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0137"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47934"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-02-16 05:00

Modified

2024-11-20 23:34

Severity ?

Summary

IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query.

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/archive/1/149207	Exploit, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/2067	Exploit, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/5664
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/149207	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/2067	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/5664

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	6.1
	ibm	db2_universal_database	7.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:6.1:*:windows_nt:*:*:*:*:*",
              "matchCriteriaId": "CE2C1506-0AF0-40A6-8922-782AE4EAF5C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:windows_nt:*:*:*:*:*",
              "matchCriteriaId": "13FBD257-3F9A-4D23-96A9-ADC856A4FFB3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query."
    }
  ],
  "id": "CVE-2001-0052",
  "lastModified": "2024-11-20T23:34:29.140",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-02-16T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/149207"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/2067"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5664"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/149207"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/2067"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5664"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-21 00:05

Severity ?

Summary

Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=110495332301120&w=2
cve@mitre.org	http://secunia.com/advisories/12733/	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21181228	Patch
cve@mitre.org	http://www-1.ibm.com/support/search.wss?rs=0&q=IY62040&apar=only
cve@mitre.org	http://www.ngssoftware.com/advisories/db205012005E.txt
cve@mitre.org	http://www.securityfocus.com/bid/11396	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17612
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=110495332301120&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/12733/	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21181228	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/search.wss?rs=0&q=IY62040&apar=only
af854a3a-2127-422b-91ae-364da2661108	http://www.ngssoftware.com/advisories/db205012005E.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11396	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17612

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:aix:*:*:*:*:*",
              "matchCriteriaId": "889CAF38-6DFA-4185-BB20-62D7AC8E607E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "74DC6B16-4519-41FC-84A7-DF5D74909018",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6EA810DB-104E-412A-8B6E-DBB5BEE743A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "515EB611-B1FA-467C-91EF-C5A15BE54C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "AAB0D5A7-4649-4427-A298-AB8BE83BA898",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "D1065FBC-D8F9-4E61-AA00-E26D10477152",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "56D0096E-8145-4A36-BC18-A9C5C780D1A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "3582B88E-655E-4258-A60D-99D9F01EE698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "BE7D9100-F344-49B7-A542-2A7035FBFF41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:aix:*:*:*:*:*",
              "matchCriteriaId": "F2CD0B87-4557-4EC9-9082-B7F23113D911",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "E77E8381-FC86-406E-8AC5-CA62415665D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "80DE2026-D9F0-4AAA-97E6-F4FB0EBDB265",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "E6F25EED-2F22-4066-8EBF-82B78E4518F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:windows:*:*:*:*:*",
              "matchCriteriaId": "6EBDEDDF-DBBA-4CD9-8CDE-5182246936D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:aix:*:*:*:*:*",
              "matchCriteriaId": "95E13DED-D8B2-4895-8540-B0C59CB6E672",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "71C09529-B8EA-4E39-9606-84EFE693A459",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "0656D0A4-E09E-4C5E-9270-931433598B7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:windows:*:*:*:*:*",
              "matchCriteriaId": "39F9063B-982D-46C0-BE50-57DAE0F83174",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "0D220944-974E-4620-86DB-3687CF219294",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "BEB7068D-B900-418A-88A4-6F35122D8302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "D75154B0-4B86-41C7-BD04-9AE21647F27F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "620663C7-8AA1-430F-AF00-32F5EF7C65B6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter."
    }
  ],
  "id": "CVE-2005-4867",
  "lastModified": "2024-11-21T00:05:22.307",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=110495332301120\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12733/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY62040\u0026apar=only"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ngssoftware.com/advisories/db205012005E.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11396"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17612"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110495332301120\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12733/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY62040\u0026apar=only"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ngssoftware.com/advisories/db205012005E.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11396"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17612"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2006-06-19 10:02

Modified

2024-11-21 00:12

Severity ?

Summary

Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a connection.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/20579	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY84096	Patch
cve@mitre.org	http://www.osvdb.org/29861
cve@mitre.org	http://www.securityfocus.com/archive/1/445297/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/18428	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2006/2332
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20579	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY84096	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/29861
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/445297/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/18428	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/2332

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	*
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1.4
ibm	db2_universal_database	8.1.5
ibm	db2_universal_database	8.1.6
ibm	db2_universal_database	8.1.6c
ibm	db2_universal_database	8.1.7
ibm	db2_universal_database	8.1.7b
ibm	db2_universal_database	8.1.8
ibm	db2_universal_database	8.1.8a
ibm	db2_universal_database	8.1.9
ibm	db2_universal_database	8.1.9a

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBD7CE2D-AC20-47D6-9832-8BAFBC22EA0A",
              "versionEndIncluding": "8.10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DFE3DF2-216B-4E71-99BA-7955E44D853C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "00CFC92D-19AC-4515-A4F0-3744C335D975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "83BDA3DD-24B4-4D91-969E-2E779A7EB1A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:*",
              "matchCriteriaId": "82E8AF18-6E6D-4923-9303-A082D4D47B2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D309A217-6A82-4B5C-9C5B-ABD6E27457EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:*",
              "matchCriteriaId": "F79242DD-F95B-4038-B6D9-4ABBE3F51836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "302D906F-312A-4042-976D-6998178102E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:*",
              "matchCriteriaId": "280064D8-0605-488F-AC2D-C2D238F3A69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DA1AE7F-2417-43FD-9CFC-B17D6D4C6212",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D8F7EC6-B67C-470F-8EC3-BC3C72A7989C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a connection."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en la escucha de TCP / IP en IBM DB2 Universal Database (UDB), anterior a v8.1 FixPak 12 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un mensaje MGRLVLLS mucho tiempo dentro de un mensaje de EXCSAT al establecer una conexi\u00f3n."
    }
  ],
  "evaluatorSolution": "This vulnerability is addressed in the following product release:\r\nIBM, DB2 Universal Database, 8.12",
  "id": "CVE-2006-3066",
  "lastModified": "2024-11-21T00:12:44.393",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-06-19T10:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20579"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY84096"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/29861"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/445297/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/18428"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/2332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20579"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY84096"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/29861"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/445297/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/18428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/2332"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-08-28 17:41

Modified

2024-11-21 00:50

Severity ?

Summary

Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a "FILE CREATION VULNERABILITY." NOTE: this may be the same as CVE-2007-5664.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/30558	Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.securityfocus.com/bid/29601
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1769
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/42932
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30558	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29601
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1769
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/42932

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1961E7E9-35A4-4721-A081-E08D88FC1F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "9446F75C-BE15-4DAE-9B96-E80F0EF24C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:windows:*:*:*:*:*",
              "matchCriteriaId": "CC92F759-749C-4E6A-83B3-C8ADB333054F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "45610195-E2DF-480B-898B-32EE8707D3E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:windows:*:*:*:*:*",
              "matchCriteriaId": "F1503B4A-3C40-45E4-9C2F-347CDF419752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "3F54309A-BA0E-447A-A115-DDBC20F6B2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "C518666C-29DE-45C0-A68D-74B5E2CEBBBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "C9C156A0-A869-4D16-955D-EC9A6696260C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:windows:*:*:*:*:*",
              "matchCriteriaId": "A3BD177C-6CF6-463D-8999-830DA1BF3E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:aix:*:*:*:*:*",
              "matchCriteriaId": "059C886A-FA0B-40DE-A573-A2B4BE7A14BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "7D21AED3-42E7-4C07-8DD3-4DFCC40E1460",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "240239CD-9E05-46E0-A42C-13DB5EE8F436",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:solaris:*:*:*:*:*",
              "matchCriteriaId": "BE002DF4-F5FF-4505-8722-37ACCDB2EC11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:windows:*:*:*:*:*",
              "matchCriteriaId": "77828856-BFE6-4D31-90C1-CDB189BA95AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a \"FILE CREATION VULNERABILITY.\" NOTE: this may be the same as CVE-2007-5664."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en DB2 Administration Server (DAS) en el componente de la funci\u00f3n Core DAS de IBM DB2 9.1 antes de Fixpak 5 permite a usuarios locales obtener privilegios, tambi\u00e9n conocido como \"VULNERABILIDAD DE CREACI\u00d3N DE ARCHIVO\". NOTA: esto podr\u00eda ser lo mismo que CVE-2007-5664."
    }
  ],
  "id": "CVE-2008-3855",
  "lastModified": "2024-11-21T00:50:17.033",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-28T17:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30558"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1769"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30558"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1769"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42932"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-07-11 04:00

Modified

2024-11-20 23:36

Severity ?

Summary

IBM DB2 7.0 allows a remote attacker to cause a denial of service (crash) via a single byte to (1) db2ccs.exe on port 6790, or (2) db2jds.exe on port 6789.

References

URL	Tags
cve@mitre.org	http://www.iss.net/security_center/static/6832.php	Vendor Advisory
cve@mitre.org	http://www.iss.net/security_center/static/6833.php	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/archive/1/196140	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/3010	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/6832.php	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/6833.php	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/196140	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/3010	Vendor Advisory

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	7.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6EA810DB-104E-412A-8B6E-DBB5BEE743A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 7.0 allows a remote attacker to cause a denial of service (crash) via a single byte to (1) db2ccs.exe on port 6790, or (2) db2jds.exe on port 6789."
    }
  ],
  "id": "CVE-2001-1143",
  "lastModified": "2024-11-20T23:36:59.353",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-07-11T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/6832.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/6833.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/196140"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/3010"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/6832.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/6833.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/196140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/3010"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-21 00:05

Severity ?

Summary

IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/17031	Exploit, Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY70808	Exploit, Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1LI70817	Exploit, Patch
cve@mitre.org	http://www.securityfocus.com/bid/15126	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17031	Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY70808	Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1LI70817	Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/15126	Patch

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1.4
ibm	db2_universal_database	8.1.5
ibm	db2_universal_database	8.1.6
ibm	db2_universal_database	8.1.6c
ibm	db2_universal_database	8.1.7
ibm	db2_universal_database	8.1.7b
ibm	db2_universal_database	8.1.8
ibm	db2_universal_database	8.1.8a
ibm	db2_universal_database	8.1.9
ibm	db2_universal_database	8.1.9a

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DFE3DF2-216B-4E71-99BA-7955E44D853C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "00CFC92D-19AC-4515-A4F0-3744C335D975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "83BDA3DD-24B4-4D91-969E-2E779A7EB1A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:*",
              "matchCriteriaId": "82E8AF18-6E6D-4923-9303-A082D4D47B2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D309A217-6A82-4B5C-9C5B-ABD6E27457EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:*",
              "matchCriteriaId": "F79242DD-F95B-4038-B6D9-4ABBE3F51836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "302D906F-312A-4042-976D-6998178102E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:*",
              "matchCriteriaId": "280064D8-0605-488F-AC2D-C2D238F3A69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DA1AE7F-2417-43FD-9CFC-B17D6D4C6212",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D8F7EC6-B67C-470F-8EC3-BC3C72A7989C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817."
    }
  ],
  "id": "CVE-2005-4735",
  "lastModified": "2024-11-21T00:05:03.353",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17031"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY70808"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1LI70817"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/15126"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17031"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY70808"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1LI70817"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/15126"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2009-01-16 21:30

Modified

2024-11-21 00:59

Severity ?

Summary

Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream.

References

URL	Tags
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
cve@mitre.org	http://secunia.com/advisories/33529	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1021591
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21363936	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/33258	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0137
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/47931
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33529	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1021591
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21363936	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33258	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0137
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/47931

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "A96437C6-D2C6-46BC-BC2D-078F6131E8E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "9446F75C-BE15-4DAE-9B96-E80F0EF24C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:*:*:*:*:*:*",
              "matchCriteriaId": "06EA7251-AF53-4A63-B469-97A1316FCFFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:windows:*:*:*:*:*",
              "matchCriteriaId": "CC92F759-749C-4E6A-83B3-C8ADB333054F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:*:*:*:*:*:*",
              "matchCriteriaId": "6E9595EC-7222-4737-96B8-80847399CFF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "3F54309A-BA0E-447A-A115-DDBC20F6B2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "C518666C-29DE-45C0-A68D-74B5E2CEBBBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:windows:*:*:*:*:*",
              "matchCriteriaId": "A3BD177C-6CF6-463D-8999-830DA1BF3E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:*:*:*:*:*:*",
              "matchCriteriaId": "74479A15-2388-4FBA-AE83-1692F22122E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "7D21AED3-42E7-4C07-8DD3-4DFCC40E1460",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "240239CD-9E05-46E0-A42C-13DB5EE8F436",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:windows:*:*:*:*:*",
              "matchCriteriaId": "77828856-BFE6-4D31-90C1-CDB189BA95AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:ga:*:*:*:*:*:*",
              "matchCriteriaId": "E3422821-0C01-4502-AD99-0AFE73751B3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01421A6-B4B4-4F86-87D3-B11AEC1258CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:aix:*:*:*:*:*",
              "matchCriteriaId": "55D8F159-5A2D-4CB6-A7B9-7DCF8A9B82C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "F7E8AA7B-4E40-41B9-8940-95B5F00E11DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:linux:*:*:*:*:*",
              "matchCriteriaId": "C91A9870-C75D-4B49-B1F5-E9CF054D3CA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "B7C7E16D-AC11-4FC0-9534-799926E525EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:windows:*:*:*:*:*",
              "matchCriteriaId": "C1B953D1-0B8F-4C6F-8485-E5E942593015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:aix:*:*:*:*:*",
              "matchCriteriaId": "2098CCDC-1F4B-44AC-976E-E31FED8AD976",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "87FFA2D9-8544-4B12-B02E-8B2198CB3621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:linux:*:*:*:*:*",
              "matchCriteriaId": "BDDEF993-94F0-431F-AC23-86EE3089F61B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:solaris:*:*:*:*:*",
              "matchCriteriaId": "652E829C-0886-4FD6-9513-C1AD844E30AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:windows:*:*:*:*:*",
              "matchCriteriaId": "99A3B7D1-8467-4B9B-ACAC-2D265386F2D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en IBM DB2 v9.1 anterior a FP6a y 9.5 anterior a FP3a permite a atacantes remotos causar denegaci\u00f3n de servicio a trav\u00e9s de una secuencia de datos CONNECT manipulada."
    }
  ],
  "id": "CVE-2009-0172",
  "lastModified": "2024-11-21T00:59:16.473",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-01-16T21:30:03.593",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33529"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1021591"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/33258"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/0137"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33529"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021591"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/33258"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0137"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47931"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-21 00:05

Severity ?

Summary

IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/17031	Exploit, Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY70561	Exploit, Patch
cve@mitre.org	http://www.securityfocus.com/bid/15126	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17031	Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY70561	Exploit, Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/15126	Patch

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1.4
ibm	db2_universal_database	8.1.5
ibm	db2_universal_database	8.1.6
ibm	db2_universal_database	8.1.6c
ibm	db2_universal_database	8.1.7
ibm	db2_universal_database	8.1.7b
ibm	db2_universal_database	8.1.8
ibm	db2_universal_database	8.1.8a
ibm	db2_universal_database	8.1.9
ibm	db2_universal_database	8.1.9a

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DFE3DF2-216B-4E71-99BA-7955E44D853C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "00CFC92D-19AC-4515-A4F0-3744C335D975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "83BDA3DD-24B4-4D91-969E-2E779A7EB1A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:*",
              "matchCriteriaId": "82E8AF18-6E6D-4923-9303-A082D4D47B2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D309A217-6A82-4B5C-9C5B-ABD6E27457EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:*",
              "matchCriteriaId": "F79242DD-F95B-4038-B6D9-4ABBE3F51836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "302D906F-312A-4042-976D-6998178102E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:*",
              "matchCriteriaId": "280064D8-0605-488F-AC2D-C2D238F3A69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DA1AE7F-2417-43FD-9CFC-B17D6D4C6212",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D8F7EC6-B67C-470F-8EC3-BC3C72A7989C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks."
    }
  ],
  "id": "CVE-2005-4736",
  "lastModified": "2024-11-21T00:05:03.513",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17031"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY70561"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/15126"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17031"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY70561"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/15126"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-11-20 20:46

Modified

2024-11-21 00:39

Severity ?

Summary

Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, related to creation of an "insecure directory."

References

URL	Tags
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03881
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
cve@mitre.org	http://www.securityfocus.com/bid/26450	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3867
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03881
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26450	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3867

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
microsoft	windows	*
unix	unix	*
ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7A7C398-5356-45D6-AA5C-53E63BC88DCA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp3a:*:*:*:*:*",
              "matchCriteriaId": "D90DD96D-B5DE-47CD-94EA-E8C058F8D548",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, related to creation of an \"insecure directory.\""
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en DB2LICD en IBM DB2 UDB 9.1 anterior a Fixpak 4 tiene un impacto desconocido y vectores de ataque, relacionado con la creaci\u00f3n de un \"directorio no seguro\"."
    }
  ],
  "id": "CVE-2007-6050",
  "lastModified": "2024-11-21T00:39:16.030",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-11-20T20:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03881"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03881"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-21 00:05

Severity ?

7.1 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Summary

Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=110495402231836&w=2	Mailing List
cve@mitre.org	http://secunia.com/advisories/12733/	Broken Link, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21181228	Broken Link
cve@mitre.org	http://www.nextgenss.com/advisories/db205012005F.txt	Not Applicable
cve@mitre.org	http://www.securityfocus.com/bid/11402	Broken Link, Patch, Third Party Advisory, VDB Entry
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17605	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=110495402231836&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/12733/	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21181228	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.nextgenss.com/advisories/db205012005F.txt	Not Applicable
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11402	Broken Link, Patch, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17605	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.2
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE601D37-E6DD-429D-B17F-25E9B6090CCD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE58350C-327B-4D34-9980-299537134CEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "06038A2B-9391-48D8-92DF-073B27017C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC2B937D-F6F7-49E5-A58C-CE455A986F9A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service."
    }
  ],
  "id": "CVE-2005-4868",
  "lastModified": "2024-11-21T00:05:22.470",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.1,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=110495402231836\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12733/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://www.nextgenss.com/advisories/db205012005F.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link",
        "Patch",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/11402"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17605"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=110495402231836\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12733/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Not Applicable"
      ],
      "url": "http://www.nextgenss.com/advisories/db205012005F.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Patch",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/11402"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17605"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-732"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-08-28 17:41

Modified

2024-11-21 00:50

Severity ?

Summary

The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors.

References

URL	Tags
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
cve@mitre.org	http://secunia.com/advisories/29784	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/31787	Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.securityfocus.com/bid/29601	Patch
cve@mitre.org	http://www.securityfocus.com/bid/31058
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/45140
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29784	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31787	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29601	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/31058
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/45140

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp16:aix:*:*:*:*:*",
              "matchCriteriaId": "177EB7BB-7987-4E33-8020-2A8D9A6157CD",
              "versionEndIncluding": "8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp16:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "A602F842-9133-48F0-A46A-CC297A0CA478",
              "versionEndIncluding": "8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp16:linux:*:*:*:*:*",
              "matchCriteriaId": "6053CF9A-AF05-4EE2-832D-75CFFDD6A035",
              "versionEndIncluding": "8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp16:solaris:*:*:*:*:*",
              "matchCriteriaId": "9619C4A9-0834-4BC6-BDE6-9CD0636032F3",
              "versionEndIncluding": "8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:aix:*:*:*:*:*",
              "matchCriteriaId": "331365ED-6901-41B1-8CAB-BD4924348983",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "2973E5EC-D98D-4229-82DE-38D2B2B10FE3",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "FCBE6932-DF7C-4A07-94AE-A1B962A26201",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:solaris:*:*:*:*:*",
              "matchCriteriaId": "A1C99EB8-D889-4322-AEBD-941575E26B66",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp1:aix:*:*:*:*:*",
              "matchCriteriaId": "E9D53A45-A270-47A6-8E52-4EFD20B60454",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp1:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1DC0FD0B-BB91-4881-8BEF-2FF5DEE799FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp1:linux:*:*:*:*:*",
              "matchCriteriaId": "C4D89C55-70BA-4DEB-A3CB-93F1F01BBB8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp10:aix:*:*:*:*:*",
              "matchCriteriaId": "F805BA54-A413-46EC-A1C0-EEE5A8FB3C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp10:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "DAA10457-D52B-4AE5-8635-E072B5E25662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp10:linux:*:*:*:*:*",
              "matchCriteriaId": "F9EF7B04-D200-4648-AD26-D78BD8B032FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp10:solaris:*:*:*:*:*",
              "matchCriteriaId": "EB3DA89D-B79A-4B02-A287-C505D1FE8004",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp11:aix:*:*:*:*:*",
              "matchCriteriaId": "D52430A4-018F-4342-A1F5-4093CBBCFFED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp11:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "7A1C82E1-F8EF-40CD-ACDD-081FFC268FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp11:linux:*:*:*:*:*",
              "matchCriteriaId": "C1B22E99-C013-49B3-BE3E-DB9DB685CA03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp11:solaris:*:*:*:*:*",
              "matchCriteriaId": "9173E3FB-1DA9-4DD8-A08F-8A730BEB27B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp12:aix:*:*:*:*:*",
              "matchCriteriaId": "58D0932B-A52A-48BB-ADFB-AEB17FCF69E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp12:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "F63AA153-396F-43AC-8CB0-8E27F119FF5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp12:linux:*:*:*:*:*",
              "matchCriteriaId": "7C132382-0C33-4E9B-878B-2C626D34DB10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp12:solaris:*:*:*:*:*",
              "matchCriteriaId": "C1C093DF-FCD2-47FC-8C8E-1468A5FA06B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp13:aix:*:*:*:*:*",
              "matchCriteriaId": "27E209D3-741C-4BD6-AE5A-A52C0C0EAEA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp13:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "AA4A6254-B6BB-42DB-9E2F-7AA960AD8C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp13:linux:*:*:*:*:*",
              "matchCriteriaId": "BEBC3282-413E-4A0C-BDEA-B5671BF51F71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp13:solaris:*:*:*:*:*",
              "matchCriteriaId": "45802AC3-78BB-4190-AB93-B67F586B94C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp14:aix:*:*:*:*:*",
              "matchCriteriaId": "99270F25-D30F-4120-9FA2-35C39CEEC8B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp14:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "BDD49D30-7ACF-4A33-B92D-C66BE9929BE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp14:linux:*:*:*:*:*",
              "matchCriteriaId": "3664CEE2-0449-452B-A934-170F0349A57C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp14:solaris:*:*:*:*:*",
              "matchCriteriaId": "4A9A7663-3322-45A9-A5D8-E0970336F68D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp15:aix:*:*:*:*:*",
              "matchCriteriaId": "D6B6EAB4-5A66-4BEB-B38B-DA0124DD6F57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp15:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "9BC307F3-A9A0-4C48-8983-64B1B237AAF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp15:linux:*:*:*:*:*",
              "matchCriteriaId": "44C9C5AF-26E2-4C0F-9816-0CF3EE02A838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp15:solaris:*:*:*:*:*",
              "matchCriteriaId": "68018945-8F40-436E-9981-4C3B62EAD28E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "A24425DA-1FAC-43BC-86F3-1E561277AF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp2:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "23BB5DCC-CC6E-4118-B0D4-DEE6EA54D05A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "E6097C8C-41B1-4CC8-AAD3-3731D103093B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "1DF33116-6CB4-48B2-BF23-632F185EB7CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "6A3A0A74-100A-4B37-8D45-3F59FE403D63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp3:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "741D3457-DA96-4AF1-A036-7FAF640C8D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "D55F0E1F-2905-4ABC-9A9B-FF62299F679D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "12EB2606-33BE-4253-94B7-43E76F0BB430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "55E1A553-1786-489D-9BE2-60D7348FD8F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "E8C502A3-56DA-4104-BCAC-3E5D454D49F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "F98FA787-A7E7-45BA-A3DC-F25C2FC74A10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "2C8DA7D4-0375-412A-9DDF-E31D6D1CD5C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4a:aix:*:*:*:*:*",
              "matchCriteriaId": "58F68270-C74E-415E-A8C1-3FE5940B8DD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "F677E182-A145-42D0-8580-8467279938CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "D02E2CF9-CE08-4B0B-ADD5-1A9AE7DE8B62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4a:solaris:*:*:*:*:*",
              "matchCriteriaId": "AB99106D-14C9-4E95-92BA-0DDF1EF48B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp5:aix:*:*:*:*:*",
              "matchCriteriaId": "36A0742E-E958-4328-B9A8-2D4BA883926F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp5:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "13FE19E6-67FD-450F-9129-8DCF4707C0BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp5:linux:*:*:*:*:*",
              "matchCriteriaId": "8A8E27E2-4470-40B6-BE35-3B96D375D891",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp5:solaris:*:*:*:*:*",
              "matchCriteriaId": "045B87AF-476D-4A13-88E4-C0ADF8F1374D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6:aix:*:*:*:*:*",
              "matchCriteriaId": "16E17C4B-C233-4C27-90DF-34802571EFBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "B2C32CFE-2C37-44B4-B05F-B4B41ADEEB17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6:linux:*:*:*:*:*",
              "matchCriteriaId": "A32039C1-C940-4ACC-8236-6C48286CD8EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6:solaris:*:*:*:*:*",
              "matchCriteriaId": "9E792924-8741-42EA-B091-521A8D806393",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6a:aix:*:*:*:*:*",
              "matchCriteriaId": "1BCDD273-AA59-427A-A13C-21D2D18862C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "63FB9C7D-72AB-40B8-B9A0-107707AB970D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6a:linux:*:*:*:*:*",
              "matchCriteriaId": "BFDEB3C4-261D-4A44-898F-0972C4E0BADD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6a:solaris:*:*:*:*:*",
              "matchCriteriaId": "711D578D-53FA-4FE3-87D4-49E8A6B27645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6b:aix:*:*:*:*:*",
              "matchCriteriaId": "8AC7F72B-8BC0-4186-9EA7-B1B4CF4DE029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6b:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "492DF384-0687-409F-A416-D545E3CA4B1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6b:linux:*:*:*:*:*",
              "matchCriteriaId": "A1ACA5ED-C596-48A4-A60F-AF29457D8E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6b:solaris:*:*:*:*:*",
              "matchCriteriaId": "17C07869-F96F-409A-A5A8-DAEF37513442",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6c:aix:*:*:*:*:*",
              "matchCriteriaId": "0A7DFEC9-AF38-457A-A4E6-77EFFDEC6E8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6c:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "BEF40CF8-4858-4AD2-9136-B9E7742609E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6c:linux:*:*:*:*:*",
              "matchCriteriaId": "02AEA3AF-76F2-479E-97FF-259228157219",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6c:solaris:*:*:*:*:*",
              "matchCriteriaId": "D9C4CF66-D4BA-4C00-8891-BEEB0DD665A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7:aix:*:*:*:*:*",
              "matchCriteriaId": "28589727-AE9E-4181-8B41-46192B593E98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "F458C66B-ACE1-4315-A8CC-4CEFAD41028D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7:linux:*:*:*:*:*",
              "matchCriteriaId": "83642434-B93C-450B-99EA-270008B4E37D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7:solaris:*:*:*:*:*",
              "matchCriteriaId": "F2AD8AC6-239A-4CFE-9D9E-8A841A867725",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7a:aix:*:*:*:*:*",
              "matchCriteriaId": "5187C464-0B04-4D29-8700-F4D9359F0564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "9A1A163A-AA78-48E1-9C86-C8A1A1A29929",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7a:linux:*:*:*:*:*",
              "matchCriteriaId": "20AC001E-4C76-42CB-A8BC-790BD0C39F98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7a:solaris:*:*:*:*:*",
              "matchCriteriaId": "4B4F776B-5914-4BDE-9C2F-84E3795FA788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7b:aix:*:*:*:*:*",
              "matchCriteriaId": "11D13957-FDE1-4B00-8753-BA94C0DAA249",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7b:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "C18FB58D-6EC6-4CDD-912B-18A17F7E957B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7b:linux:*:*:*:*:*",
              "matchCriteriaId": "2045E0EA-B405-4BF0-A817-34E79317F46F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7b:solaris:*:*:*:*:*",
              "matchCriteriaId": "4541F041-F2F4-4491-BDBE-4215A75E832C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8:aix:*:*:*:*:*",
              "matchCriteriaId": "2F7D3287-9D4C-4AA7-8232-3543369397CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "BA5B0AA2-E067-4FFF-ADE1-145D8A1C1B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8:linux:*:*:*:*:*",
              "matchCriteriaId": "0C35EA9D-DEFE-4B81-B5C9-51103273F661",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8:solaris:*:*:*:*:*",
              "matchCriteriaId": "C92BCF46-BEBF-433C-A095-44E6F7A16E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8a:aix:*:*:*:*:*",
              "matchCriteriaId": "308D7247-F21E-4199-BA14-FE318637F3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "84E99600-0016-4FD9-BFC9-D2CD913012BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8a:linux:*:*:*:*:*",
              "matchCriteriaId": "0CBA4D6B-4C07-4780-8760-00F82D0016E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8a:solaris:*:*:*:*:*",
              "matchCriteriaId": "332C4CED-4E32-48C6-BF91-43409E0C7D8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9:aix:*:*:*:*:*",
              "matchCriteriaId": "1F5AD43F-1D06-447F-8B66-89207DE3AECA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "CEC1C774-2AD9-4EBA-AB11-70135F20D006",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9:linux:*:*:*:*:*",
              "matchCriteriaId": "5CE1E38B-FEA7-45CE-A50E-A4670AB925EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9:solaris:*:*:*:*:*",
              "matchCriteriaId": "BDC3F77B-9C7C-4D56-B575-FFFF0AD51E3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9a:aix:*:*:*:*:*",
              "matchCriteriaId": "F9D03647-B68E-4950-A718-7E83135A8BE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "27F207B6-B5E8-4972-B315-106F4903B8B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9a:linux:*:*:*:*:*",
              "matchCriteriaId": "C934F5CD-7E30-497E-9DD8-BB92646B81E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9a:solaris:*:*:*:*:*",
              "matchCriteriaId": "43D68C54-E197-43AD-94CF-AA2CF1B2D76C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:aix:*:*:*:*:*",
              "matchCriteriaId": "95E13DED-D8B2-4895-8540-B0C59CB6E672",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "628141AA-1E3C-4243-BA8F-14144ABCB980",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "0656D0A4-E09E-4C5E-9270-931433598B7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1961E7E9-35A4-4721-A081-E08D88FC1F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "45610195-E2DF-480B-898B-32EE8707D3E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "3F54309A-BA0E-447A-A115-DDBC20F6B2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "C518666C-29DE-45C0-A68D-74B5E2CEBBBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "C9C156A0-A869-4D16-955D-EC9A6696260C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors."
    },
    {
      "lang": "es",
      "value": "El componente routine infrastructure en DB2 de IBM versi\u00f3n 8 anterior a FP17, versi\u00f3n 9.1 anterior a FP5 y versi\u00f3n 9.5 anterior a FP1, en Unix y Linux,  no cambia la propiedad del proceso db2fmp, que presenta un impacto y vectores de ataque desconocidos."
    }
  ],
  "id": "CVE-2008-3856",
  "lastModified": "2024-11-21T00:50:17.193",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-28T17:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29784"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31787"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/31058"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29784"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/31058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45140"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2003-10-06 04:00

Modified

2024-11-20 23:45

Severity ?

Summary

Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before Fixpak 10 allows local users to gain root privileges via a long command line argument.

References

URL	Tags
cve@mitre.org	http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html
cve@mitre.org	http://marc.info/?l=bugtraq&m=106389919618721&w=2
cve@mitre.org	http://www.ciac.org/ciac/bulletins/n-154.shtml
cve@mitre.org	http://www.coresecurity.com/common/showdoc.php?idx=366&idxseccion=10
cve@mitre.org	http://www.securityfocus.com/bid/8552	Exploit, Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/13218
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=106389919618721&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.ciac.org/ciac/bulletins/n-154.shtml
af854a3a-2127-422b-91ae-364da2661108	http://www.coresecurity.com/common/showdoc.php?idx=366&idxseccion=10
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/8552	Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/13218

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	7.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "80DE2026-D9F0-4AAA-97E6-F4FB0EBDB265",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before Fixpak 10 allows local users to gain root privileges via a long command line argument."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en db2dart en IMB DB2 Universal Database 7.2 anteriores a Fixpak 10 permite a usuarios locales ganar privilegios de root mediante un argumento de l\u00ednea de comandos largo."
    }
  ],
  "id": "CVE-2003-0758",
  "lastModified": "2024-11-20T23:45:27.443",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-10-06T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=106389919618721\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ciac.org/ciac/bulletins/n-154.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.coresecurity.com/common/showdoc.php?idx=366\u0026idxseccion=10"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/8552"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13218"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=106389919618721\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ciac.org/ciac/bulletins/n-154.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.coresecurity.com/common/showdoc.php?idx=366\u0026idxseccion=10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/8552"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13218"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-08-28 17:41

Modified

2024-11-21 00:50

Severity ?

Summary

Unspecified vulnerability in the CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio in the Visual Studio Net component in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 2 allows remote authenticated users to execute arbitrary code via unknown vectors.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/30558	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/31635	Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1JR28431	Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1JR28432	Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21293566
cve@mitre.org	http://www.securityfocus.com/archive/1/496405/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/29601
cve@mitre.org	http://www.securitytracker.com/id?1020761
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1769	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2008/2445	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/42927
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/44697
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30558	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31635	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1JR28431	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1JR28432	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21293566
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/496405/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29601
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020761
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1769	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2445	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/42927
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/44697

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:aix:*:*:*:*:*",
              "matchCriteriaId": "331365ED-6901-41B1-8CAB-BD4924348983",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "2973E5EC-D98D-4229-82DE-38D2B2B10FE3",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "FCBE6932-DF7C-4A07-94AE-A1B962A26201",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:solaris:*:*:*:*:*",
              "matchCriteriaId": "A1C99EB8-D889-4322-AEBD-941575E26B66",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:windows:*:*:*:*:*",
              "matchCriteriaId": "20167E27-8448-4747-90CA-112BF36664EC",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp1:aix:*:*:*:*:*",
              "matchCriteriaId": "F1FC5B15-E438-444B-9CB7-8B33DE42AA10",
              "versionEndIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp1:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "08DC6612-16D7-4EEE-8010-E69E2ADBC816",
              "versionEndIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp1:linux:*:*:*:*:*",
              "matchCriteriaId": "0F5E070A-9B0C-43C7-ADF4-5C2A12E77E99",
              "versionEndIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp1:solaris:*:*:*:*:*",
              "matchCriteriaId": "3F0DC286-6602-457A-A150-453A8F15F722",
              "versionEndIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp1:windows:*:*:*:*:*",
              "matchCriteriaId": "C19FCA98-00D1-4529-B07C-CF07E9F2EB12",
              "versionEndIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "A96437C6-D2C6-46BC-BC2D-078F6131E8E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "9446F75C-BE15-4DAE-9B96-E80F0EF24C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:windows:*:*:*:*:*",
              "matchCriteriaId": "CC92F759-749C-4E6A-83B3-C8ADB333054F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "45610195-E2DF-480B-898B-32EE8707D3E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:windows:*:*:*:*:*",
              "matchCriteriaId": "F1503B4A-3C40-45E4-9C2F-347CDF419752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "3F54309A-BA0E-447A-A115-DDBC20F6B2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "C518666C-29DE-45C0-A68D-74B5E2CEBBBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "C9C156A0-A869-4D16-955D-EC9A6696260C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:windows:*:*:*:*:*",
              "matchCriteriaId": "A3BD177C-6CF6-463D-8999-830DA1BF3E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:aix:*:*:*:*:*",
              "matchCriteriaId": "55D8F159-5A2D-4CB6-A7B9-7DCF8A9B82C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "F7E8AA7B-4E40-41B9-8940-95B5F00E11DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:linux:*:*:*:*:*",
              "matchCriteriaId": "C91A9870-C75D-4B49-B1F5-E9CF054D3CA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "B7C7E16D-AC11-4FC0-9534-799926E525EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:windows:*:*:*:*:*",
              "matchCriteriaId": "C1B953D1-0B8F-4C6F-8485-E5E942593015",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio in the Visual Studio Net component in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 2 allows remote authenticated users to execute arbitrary code via unknown vectors."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad no especificada en la implementaci\u00f3n del procedimiento almacenado CLR de Database Add-Ins de IBM para Visual Studio en el componente Visual Studio Net en DB2 de IBM versi\u00f3n 9.1 anterior a Fixpak 5 y versi\u00f3n 9.5 anterior a Fixpak 2,  permite a los usuarios autenticados remotos ejecutar c\u00f3digo arbitrario por medio de vectores desconocidos."
    }
  ],
  "id": "CVE-2008-3852",
  "lastModified": "2024-11-21T00:50:16.507",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-28T17:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30558"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31635"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28431"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28432"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21293566"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/496405/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020761"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1769"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2445"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42927"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44697"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30558"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31635"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28431"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28432"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21293566"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/496405/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020761"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1769"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42927"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44697"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-08-18 21:17

Modified

2024-11-21 00:35

Severity ?

Summary

Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=583
cve@mitre.org	http://secunia.com/advisories/26471	Patch, Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1018581
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY97346
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY99311
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255352	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.attrition.org/pipermail/vim/2007-August/001765.html
cve@mitre.org	http://www.securityfocus.com/bid/25339
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2912
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/36067
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=583
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26471	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018581
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY97346
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY99311
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255352	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.attrition.org/pipermail/vim/2007-August/001765.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/25339
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2912
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/36067

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	*
	ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp14:*:*:*:*:*:*",
              "matchCriteriaId": "A896A825-6BBF-46A4-992D-F80CC0A93D5C",
              "versionEndIncluding": "8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "AD1AACA4-8B6E-4DC7-A63D-7F6D1D1C7575",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en IBM DB2 UDB 8 anterior a Fixpak 15 y 9.1 anterior a Fixpak 3 permite a atacantes ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un largo DASPROF y posiblemente otras variables de entorno, las cuales son copiadas dentro del b\u00fafer buildDasPaths."
    }
  ],
  "id": "CVE-2007-4276",
  "lastModified": "2024-11-21T00:35:12.727",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-08-18T21:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=583"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018581"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97346"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99311"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36067"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=583"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97346"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99311"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36067"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2010-10-05 18:00

Modified

2024-11-21 01:19

Severity ?

Summary

The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery.

References

URL	Tags
cve@mitre.org	ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	*
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp6:*:*:*:*:*:*",
              "matchCriteriaId": "1981C2E5-E186-48A7-B977-7FB8A7DBB6EE",
              "versionEndIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01421A6-B4B4-4F86-87D3-B11AEC1258CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:*:*:*:*:*:*",
              "matchCriteriaId": "5B561679-68AF-4586-919A-83D47195F9FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp2:*:*:*:*:*:*",
              "matchCriteriaId": "D66FF5FC-E01A-4DE9-B344-FA20941C806B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp2a:*:*:*:*:*:*",
              "matchCriteriaId": "430BE300-8260-4966-A282-B69C67B6511C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp3:*:*:*:*:*:*",
              "matchCriteriaId": "83FB7558-610A-4218-A347-74E1BF4509CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp3a:*:*:*:*:*:*",
              "matchCriteriaId": "DCA815B1-EF9D-4F43-A51E-2E808FE124C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp3b:*:*:*:*:*:*",
              "matchCriteriaId": "F4EB46DD-C3DF-4509-9B2E-AFEF7F3EA0D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp4:*:*:*:*:*:*",
              "matchCriteriaId": "ECF24F65-D158-4627-8E0C-C700CCF803D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp4a:*:*:*:*:*:*",
              "matchCriteriaId": "0445F99B-1AC4-43CE-85EF-7F0BC1AA093D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp5:*:*:*:*:*:*",
              "matchCriteriaId": "61533220-2A4F-4BEE-A6BA-27AF0CB2998E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery."
    },
    {
      "lang": "es",
      "value": "La caracter\u00edstica de auditor\u00eda en el componente de seguridad de IBM DB2 UDB v9.5 antes de FP6a utiliza la configuraci\u00f3n de auditor\u00eda a nivel de instancia para capturar los eventos de conexi\u00f3n (tambi\u00e9n conocidos como CONNECT y AUTHENTICATION) en determinadas circunstancias, lo que podr\u00eda hacer m\u00e1s f\u00e1cil a atacantes remotos a la hora de conectarse sin ser descubiertos."
    }
  ],
  "id": "CVE-2010-3739",
  "lastModified": "2024-11-21T01:19:29.343",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-10-05T18:00:33.487",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2003-10-06 04:00

Modified

2024-11-20 23:45

Severity ?

Summary

Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument.

References

URL	Tags
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt
cve@mitre.org	http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html
cve@mitre.org	http://marc.info/?l=bugtraq&m=106389919618721&w=2
cve@mitre.org	http://www-3.ibm.com/cgi-bin/db2www/data/db2/udb/winos2unix/support/aparlib.d2w/display_apar_details?aparno=IY47653
cve@mitre.org	http://www.ciac.org/ciac/bulletins/n-154.shtml
cve@mitre.org	http://www.coresecurity.com/common/showdoc.php?idx=366&idxseccion=10
cve@mitre.org	http://www.securityfocus.com/bid/8553	Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt
af854a3a-2127-422b-91ae-364da2661108	http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=106389919618721&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www-3.ibm.com/cgi-bin/db2www/data/db2/udb/winos2unix/support/aparlib.d2w/display_apar_details?aparno=IY47653
af854a3a-2127-422b-91ae-364da2661108	http://www.ciac.org/ciac/bulletins/n-154.shtml
af854a3a-2127-422b-91ae-364da2661108	http://www.coresecurity.com/common/showdoc.php?idx=366&idxseccion=10
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/8553	Exploit, Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	7.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "80DE2026-D9F0-4AAA-97E6-F4FB0EBDB265",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en db2licm en IBM DB2 Universal Data Base 7.2 anteriores a Fixpak 10a pemite a usuarios locales obtener privilegios de root mediante un argumento de l\u00ednea de comandos largo."
    }
  ],
  "id": "CVE-2003-0759",
  "lastModified": "2024-11-20T23:45:27.580",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-10-06T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=106389919618721\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-3.ibm.com/cgi-bin/db2www/data/db2/udb/winos2unix/support/aparlib.d2w/display_apar_details?aparno=IY47653"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ciac.org/ciac/bulletins/n-154.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.coresecurity.com/common/showdoc.php?idx=366\u0026idxseccion=10"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/8553"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=106389919618721\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-3.ibm.com/cgi-bin/db2www/data/db2/udb/winos2unix/support/aparlib.d2w/display_apar_details?aparno=IY47653"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ciac.org/ciac/bulletins/n-154.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.coresecurity.com/common/showdoc.php?idx=366\u0026idxseccion=10"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/8553"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-21 00:05

Severity ?

Summary

Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=110495092105541&w=2
cve@mitre.org	http://secunia.com/advisories/12733/	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY62042	Patch
cve@mitre.org	http://www.ngssoftware.com/advisories/db205012005B.txt
cve@mitre.org	http://www.securityfocus.com/bid/11390	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17616
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=110495092105541&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/12733/	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY62042	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.ngssoftware.com/advisories/db205012005B.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11390	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17616

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:aix:*:*:*:*:*",
              "matchCriteriaId": "889CAF38-6DFA-4185-BB20-62D7AC8E607E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "74DC6B16-4519-41FC-84A7-DF5D74909018",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6EA810DB-104E-412A-8B6E-DBB5BEE743A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "515EB611-B1FA-467C-91EF-C5A15BE54C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "AAB0D5A7-4649-4427-A298-AB8BE83BA898",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "D1065FBC-D8F9-4E61-AA00-E26D10477152",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "56D0096E-8145-4A36-BC18-A9C5C780D1A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "3582B88E-655E-4258-A60D-99D9F01EE698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:aix:*:*:*:*:*",
              "matchCriteriaId": "F2CD0B87-4557-4EC9-9082-B7F23113D911",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "E77E8381-FC86-406E-8AC5-CA62415665D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "80DE2026-D9F0-4AAA-97E6-F4FB0EBDB265",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "E6F25EED-2F22-4066-8EBF-82B78E4518F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:aix:*:*:*:*:*",
              "matchCriteriaId": "95E13DED-D8B2-4895-8540-B0C59CB6E672",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "71C09529-B8EA-4E39-9606-84EFE693A459",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "0656D0A4-E09E-4C5E-9270-931433598B7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "0D220944-974E-4620-86DB-3687CF219294",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "BEB7068D-B900-418A-88A4-6F35122D8302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "D75154B0-4B86-41C7-BD04-9AE21647F27F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable."
    }
  ],
  "id": "CVE-2005-4864",
  "lastModified": "2024-11-21T00:05:21.843",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=110495092105541\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12733/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY62042"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ngssoftware.com/advisories/db205012005B.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11390"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110495092105541\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12733/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY62042"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ngssoftware.com/advisories/db205012005B.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11390"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17616"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-11-20 20:46

Modified

2024-11-21 00:39

Severity ?

Summary

Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to execute arbitrary commands as the DB2 instance owner, related to invocation of TPUT by DB2DART.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/27667	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03646
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
cve@mitre.org	http://www.securityfocus.com/bid/26450	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3867
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27667	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03646
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26450	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3867

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
microsoft	windows	*
unix	unix	*
ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7A7C398-5356-45D6-AA5C-53E63BC88DCA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp3a:*:*:*:*:*",
              "matchCriteriaId": "D90DD96D-B5DE-47CD-94EA-E8C058F8D548",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to execute arbitrary commands as the DB2 instance owner, related to invocation of TPUT by DB2DART."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en la herramienta DB2DART en IBM DB2 UDB 9.1 anterior a Fixpak 4 permite a atacantes ejecutar comandos de su elecci\u00f3n como la instancia propietario DB2, relacionado con la invocaci\u00f3n de TPUT por DB2DART."
    }
  ],
  "id": "CVE-2007-6047",
  "lastModified": "2024-11-21T00:39:15.607",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-11-20T20:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27667"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03646"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27667"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03646"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2009-12-02 11:30

Modified

2024-11-21 01:09

Severity ?

Summary

dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/36890	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/37454	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1023242
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21386689	Patch, Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21403619	Patch, Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2009/3340	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36890	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/37454	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1023242
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21386689	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21403619	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/3340	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	db2	9.1
ibm	db2	9.1
ibm	db2	9.1
ibm	db2	9.1
ibm	db2	9.1
ibm	db2	9.1
ibm	db2	9.1
ibm	db2	9.1
ibm	db2	9.1
ibm	db2	9.5
ibm	db2	9.5
ibm	db2	9.5
ibm	db2	9.5
ibm	db2	9.5
ibm	db2	9.5
ibm	db2	9.7
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*",
              "matchCriteriaId": "2AF419E7-F2B5-4E2A-B85D-C0EC6C1DEA4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:*",
              "matchCriteriaId": "95BBA3F1-C276-4C30-BFE5-9CE212BEBEFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:*",
              "matchCriteriaId": "4DF01163-F805-4FC8-9836-462034D1B5CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp3a:*:*:*:*:*:*",
              "matchCriteriaId": "E570E88C-35F8-4E12-8121-20536AC8A0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:*",
              "matchCriteriaId": "757E30FB-2EFB-4B3D-9931-17D584D433A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp5:*:*:*:*:*:*",
              "matchCriteriaId": "47455B4A-6E10-417F-9974-B0AA7F3180FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp6:*:*:*:*:*:*",
              "matchCriteriaId": "84156C5B-EFC6-4733-A868-C3C51CFBA7CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp6a:*:*:*:*:*:*",
              "matchCriteriaId": "FA8ABABB-F84D-41F0-A894-56911AF6E7E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp7:*:*:*:*:*:*",
              "matchCriteriaId": "3D511307-1EBB-408B-BCDE-C6BEFCF154C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:*",
              "matchCriteriaId": "58147402-53D5-4F15-862B-EE3DCCD75E2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:*",
              "matchCriteriaId": "D3F3CB5E-D4FB-4C03-B108-06CC358B1F45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:*",
              "matchCriteriaId": "CB2EA14A-878A-4D8D-B17A-568712D21C48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:*",
              "matchCriteriaId": "84C925CD-E753-401F-9EC0-6E3D9861C818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:*",
              "matchCriteriaId": "651D042C-A9F1-42D1-A6DD-95ADBCD08448",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:*",
              "matchCriteriaId": "0A589323-B8B8-4CB4-B1A9-B9E771C99123",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BB95F92-EA60-4301-99AD-AC8DA2491086",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp1:aix:*:*:*:*:*",
              "matchCriteriaId": "E9D53A45-A270-47A6-8E52-4EFD20B60454",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp1:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1DC0FD0B-BB91-4881-8BEF-2FF5DEE799FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp1:linux:*:*:*:*:*",
              "matchCriteriaId": "C4D89C55-70BA-4DEB-A3CB-93F1F01BBB8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp10:aix:*:*:*:*:*",
              "matchCriteriaId": "F805BA54-A413-46EC-A1C0-EEE5A8FB3C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp10:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "DAA10457-D52B-4AE5-8635-E072B5E25662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp10:linux:*:*:*:*:*",
              "matchCriteriaId": "F9EF7B04-D200-4648-AD26-D78BD8B032FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp10:solaris:*:*:*:*:*",
              "matchCriteriaId": "EB3DA89D-B79A-4B02-A287-C505D1FE8004",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp11:aix:*:*:*:*:*",
              "matchCriteriaId": "D52430A4-018F-4342-A1F5-4093CBBCFFED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp11:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "7A1C82E1-F8EF-40CD-ACDD-081FFC268FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp11:linux:*:*:*:*:*",
              "matchCriteriaId": "C1B22E99-C013-49B3-BE3E-DB9DB685CA03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp11:solaris:*:*:*:*:*",
              "matchCriteriaId": "9173E3FB-1DA9-4DD8-A08F-8A730BEB27B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp12:aix:*:*:*:*:*",
              "matchCriteriaId": "58D0932B-A52A-48BB-ADFB-AEB17FCF69E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp12:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "F63AA153-396F-43AC-8CB0-8E27F119FF5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp12:linux:*:*:*:*:*",
              "matchCriteriaId": "7C132382-0C33-4E9B-878B-2C626D34DB10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp12:solaris:*:*:*:*:*",
              "matchCriteriaId": "C1C093DF-FCD2-47FC-8C8E-1468A5FA06B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp13:aix:*:*:*:*:*",
              "matchCriteriaId": "27E209D3-741C-4BD6-AE5A-A52C0C0EAEA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp13:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "AA4A6254-B6BB-42DB-9E2F-7AA960AD8C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp13:linux:*:*:*:*:*",
              "matchCriteriaId": "BEBC3282-413E-4A0C-BDEA-B5671BF51F71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp13:solaris:*:*:*:*:*",
              "matchCriteriaId": "45802AC3-78BB-4190-AB93-B67F586B94C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp14:aix:*:*:*:*:*",
              "matchCriteriaId": "99270F25-D30F-4120-9FA2-35C39CEEC8B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp14:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "BDD49D30-7ACF-4A33-B92D-C66BE9929BE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp14:linux:*:*:*:*:*",
              "matchCriteriaId": "3664CEE2-0449-452B-A934-170F0349A57C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp14:solaris:*:*:*:*:*",
              "matchCriteriaId": "4A9A7663-3322-45A9-A5D8-E0970336F68D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp15:aix:*:*:*:*:*",
              "matchCriteriaId": "D6B6EAB4-5A66-4BEB-B38B-DA0124DD6F57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp15:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "9BC307F3-A9A0-4C48-8983-64B1B237AAF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp15:linux:*:*:*:*:*",
              "matchCriteriaId": "44C9C5AF-26E2-4C0F-9816-0CF3EE02A838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp15:solaris:*:*:*:*:*",
              "matchCriteriaId": "68018945-8F40-436E-9981-4C3B62EAD28E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp16:aix:*:*:*:*:*",
              "matchCriteriaId": "09E620E2-55BF-480C-9698-113505F90BFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp16:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "B74F7B8A-0E7C-4190-AF4E-2389F18997E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp16:linux:*:*:*:*:*",
              "matchCriteriaId": "9263F04B-FF63-4DF7-8C77-C6CE7B67BFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp16:solaris:*:*:*:*:*",
              "matchCriteriaId": "F88DCFD5-CB47-49C9-99CD-8D46827A02B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "A24425DA-1FAC-43BC-86F3-1E561277AF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp2:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "23BB5DCC-CC6E-4118-B0D4-DEE6EA54D05A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "E6097C8C-41B1-4CC8-AAD3-3731D103093B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "1DF33116-6CB4-48B2-BF23-632F185EB7CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "6A3A0A74-100A-4B37-8D45-3F59FE403D63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp3:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "741D3457-DA96-4AF1-A036-7FAF640C8D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "D55F0E1F-2905-4ABC-9A9B-FF62299F679D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "12EB2606-33BE-4253-94B7-43E76F0BB430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "55E1A553-1786-489D-9BE2-60D7348FD8F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "E8C502A3-56DA-4104-BCAC-3E5D454D49F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "F98FA787-A7E7-45BA-A3DC-F25C2FC74A10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "2C8DA7D4-0375-412A-9DDF-E31D6D1CD5C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4a:aix:*:*:*:*:*",
              "matchCriteriaId": "58F68270-C74E-415E-A8C1-3FE5940B8DD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "F677E182-A145-42D0-8580-8467279938CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "D02E2CF9-CE08-4B0B-ADD5-1A9AE7DE8B62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4a:solaris:*:*:*:*:*",
              "matchCriteriaId": "AB99106D-14C9-4E95-92BA-0DDF1EF48B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp5:aix:*:*:*:*:*",
              "matchCriteriaId": "36A0742E-E958-4328-B9A8-2D4BA883926F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp5:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "13FE19E6-67FD-450F-9129-8DCF4707C0BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp5:linux:*:*:*:*:*",
              "matchCriteriaId": "8A8E27E2-4470-40B6-BE35-3B96D375D891",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp5:solaris:*:*:*:*:*",
              "matchCriteriaId": "045B87AF-476D-4A13-88E4-C0ADF8F1374D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6:aix:*:*:*:*:*",
              "matchCriteriaId": "16E17C4B-C233-4C27-90DF-34802571EFBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "B2C32CFE-2C37-44B4-B05F-B4B41ADEEB17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6:linux:*:*:*:*:*",
              "matchCriteriaId": "A32039C1-C940-4ACC-8236-6C48286CD8EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6:solaris:*:*:*:*:*",
              "matchCriteriaId": "9E792924-8741-42EA-B091-521A8D806393",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6a:aix:*:*:*:*:*",
              "matchCriteriaId": "1BCDD273-AA59-427A-A13C-21D2D18862C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "63FB9C7D-72AB-40B8-B9A0-107707AB970D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6a:linux:*:*:*:*:*",
              "matchCriteriaId": "BFDEB3C4-261D-4A44-898F-0972C4E0BADD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6a:solaris:*:*:*:*:*",
              "matchCriteriaId": "711D578D-53FA-4FE3-87D4-49E8A6B27645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6b:aix:*:*:*:*:*",
              "matchCriteriaId": "8AC7F72B-8BC0-4186-9EA7-B1B4CF4DE029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6b:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "492DF384-0687-409F-A416-D545E3CA4B1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6b:linux:*:*:*:*:*",
              "matchCriteriaId": "A1ACA5ED-C596-48A4-A60F-AF29457D8E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6b:solaris:*:*:*:*:*",
              "matchCriteriaId": "17C07869-F96F-409A-A5A8-DAEF37513442",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6c:aix:*:*:*:*:*",
              "matchCriteriaId": "0A7DFEC9-AF38-457A-A4E6-77EFFDEC6E8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6c:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "BEF40CF8-4858-4AD2-9136-B9E7742609E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6c:linux:*:*:*:*:*",
              "matchCriteriaId": "02AEA3AF-76F2-479E-97FF-259228157219",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6c:solaris:*:*:*:*:*",
              "matchCriteriaId": "D9C4CF66-D4BA-4C00-8891-BEEB0DD665A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7:aix:*:*:*:*:*",
              "matchCriteriaId": "28589727-AE9E-4181-8B41-46192B593E98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "F458C66B-ACE1-4315-A8CC-4CEFAD41028D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7:linux:*:*:*:*:*",
              "matchCriteriaId": "83642434-B93C-450B-99EA-270008B4E37D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7:solaris:*:*:*:*:*",
              "matchCriteriaId": "F2AD8AC6-239A-4CFE-9D9E-8A841A867725",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7a:aix:*:*:*:*:*",
              "matchCriteriaId": "5187C464-0B04-4D29-8700-F4D9359F0564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "9A1A163A-AA78-48E1-9C86-C8A1A1A29929",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7a:linux:*:*:*:*:*",
              "matchCriteriaId": "20AC001E-4C76-42CB-A8BC-790BD0C39F98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7a:solaris:*:*:*:*:*",
              "matchCriteriaId": "4B4F776B-5914-4BDE-9C2F-84E3795FA788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7b:aix:*:*:*:*:*",
              "matchCriteriaId": "11D13957-FDE1-4B00-8753-BA94C0DAA249",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7b:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "C18FB58D-6EC6-4CDD-912B-18A17F7E957B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7b:linux:*:*:*:*:*",
              "matchCriteriaId": "2045E0EA-B405-4BF0-A817-34E79317F46F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7b:solaris:*:*:*:*:*",
              "matchCriteriaId": "4541F041-F2F4-4491-BDBE-4215A75E832C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8:aix:*:*:*:*:*",
              "matchCriteriaId": "2F7D3287-9D4C-4AA7-8232-3543369397CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "BA5B0AA2-E067-4FFF-ADE1-145D8A1C1B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8:linux:*:*:*:*:*",
              "matchCriteriaId": "0C35EA9D-DEFE-4B81-B5C9-51103273F661",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8:solaris:*:*:*:*:*",
              "matchCriteriaId": "C92BCF46-BEBF-433C-A095-44E6F7A16E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8a:aix:*:*:*:*:*",
              "matchCriteriaId": "308D7247-F21E-4199-BA14-FE318637F3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "84E99600-0016-4FD9-BFC9-D2CD913012BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8a:linux:*:*:*:*:*",
              "matchCriteriaId": "0CBA4D6B-4C07-4780-8760-00F82D0016E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8a:solaris:*:*:*:*:*",
              "matchCriteriaId": "332C4CED-4E32-48C6-BF91-43409E0C7D8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9:aix:*:*:*:*:*",
              "matchCriteriaId": "1F5AD43F-1D06-447F-8B66-89207DE3AECA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "CEC1C774-2AD9-4EBA-AB11-70135F20D006",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9:linux:*:*:*:*:*",
              "matchCriteriaId": "5CE1E38B-FEA7-45CE-A50E-A4670AB925EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9:solaris:*:*:*:*:*",
              "matchCriteriaId": "BDC3F77B-9C7C-4D56-B575-FFFF0AD51E3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9a:aix:*:*:*:*:*",
              "matchCriteriaId": "F9D03647-B68E-4950-A718-7E83135A8BE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "27F207B6-B5E8-4972-B315-106F4903B8B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9a:linux:*:*:*:*:*",
              "matchCriteriaId": "C934F5CD-7E30-497E-9DD8-BB92646B81E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9a:solaris:*:*:*:*:*",
              "matchCriteriaId": "43D68C54-E197-43AD-94CF-AA2CF1B2D76C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors."
    },
    {
      "lang": "es",
      "value": "dasauto en IBM DB2 v8 anterior a FP18, v9.1 anterior a FP8, v9.5 anterior a FP4, y v9.7 anterior a FP1, permite la ejecuci\u00f3n a trav\u00e9s de cuentas de usuario sin privilegios, lo que tiene un impacto y vectores de ataque no especificados."
    }
  ],
  "id": "CVE-2009-4150",
  "lastModified": "2024-11-21T01:09:02.217",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-12-02T11:30:00.627",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36890"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37454"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1023242"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21386689"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403619"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3340"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36890"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1023242"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21386689"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403619"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3340"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2006-06-19 10:02

Modified

2024-11-21 00:12

Severity ?

Summary

Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) "long column list" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of values in an IN clause, possibly related to a buffer overflow.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/20579	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY76767	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY82725	Patch
cve@mitre.org	http://www.osvdb.org/27992
cve@mitre.org	http://www.osvdb.org/27993
cve@mitre.org	http://www.osvdb.org/29860
cve@mitre.org	http://www.vupen.com/english/advisories/2006/2332
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/27099
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/27101
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20579	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY76767	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY82725	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/27992
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/27993
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/29860
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/2332
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/27099
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/27101

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	*
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp11:*:*:*:*:*",
              "matchCriteriaId": "0BA96128-8431-4A06-944E-5DE3B35F6DB8",
              "versionEndIncluding": "8.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:fp9:*:*:*:*:*:*",
              "matchCriteriaId": "047ACB09-E3E2-426D-8C9E-D3EF1955FC1F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:fp10:*:*:*:*:*",
              "matchCriteriaId": "F26F3B4E-088A-462B-8185-06B4F688B69F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:fp8:*:*:*:*:*",
              "matchCriteriaId": "86B9DD77-324F-40AC-9107-793DDD86C974",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) \"long column list\" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of values in an IN clause, possibly related to a buffer overflow."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades no especificadas en IBM DB2 Universal Database (UDB), anterior a v8.1 FixPak 12 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) a trav\u00e9s de un (1) \"lista larga columna\" en el REPLACE (a) e INSERT INTO (b) en porciones del comando de carga o un n\u00famero (2) gran cantidad de valores en una cl\u00e1usula IN, posiblemente relacionado con un desbordamiento de b\u00fafer."
    }
  ],
  "id": "CVE-2006-3067",
  "lastModified": "2024-11-21T00:12:44.527",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-06-19T10:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20579"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY76767"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY82725"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/27992"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/27993"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/29860"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/2332"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27099"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20579"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY76767"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY82725"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/27992"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/27993"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/29860"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/2332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27099"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27101"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-21 00:05

Severity ?

Summary

Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=110495251101381&w=2
cve@mitre.org	http://secunia.com/advisories/12733/	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY61492
cve@mitre.org	http://www.nextgenss.com/advisories/db205012005D.txt
cve@mitre.org	http://www.securityfocus.com/bid/11401	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17613
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=110495251101381&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/12733/	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY61492
af854a3a-2127-422b-91ae-364da2661108	http://www.nextgenss.com/advisories/db205012005D.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11401	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17613

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:aix:*:*:*:*:*",
              "matchCriteriaId": "889CAF38-6DFA-4185-BB20-62D7AC8E607E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "74DC6B16-4519-41FC-84A7-DF5D74909018",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6EA810DB-104E-412A-8B6E-DBB5BEE743A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "515EB611-B1FA-467C-91EF-C5A15BE54C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "AAB0D5A7-4649-4427-A298-AB8BE83BA898",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "D1065FBC-D8F9-4E61-AA00-E26D10477152",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "56D0096E-8145-4A36-BC18-A9C5C780D1A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "3582B88E-655E-4258-A60D-99D9F01EE698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "BE7D9100-F344-49B7-A542-2A7035FBFF41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:aix:*:*:*:*:*",
              "matchCriteriaId": "F2CD0B87-4557-4EC9-9082-B7F23113D911",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "E77E8381-FC86-406E-8AC5-CA62415665D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "80DE2026-D9F0-4AAA-97E6-F4FB0EBDB265",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "E6F25EED-2F22-4066-8EBF-82B78E4518F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:windows:*:*:*:*:*",
              "matchCriteriaId": "6EBDEDDF-DBBA-4CD9-8CDE-5182246936D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:aix:*:*:*:*:*",
              "matchCriteriaId": "95E13DED-D8B2-4895-8540-B0C59CB6E672",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "71C09529-B8EA-4E39-9606-84EFE693A459",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "0656D0A4-E09E-4C5E-9270-931433598B7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:windows:*:*:*:*:*",
              "matchCriteriaId": "39F9063B-982D-46C0-BE50-57DAE0F83174",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "0D220944-974E-4620-86DB-3687CF219294",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "BEB7068D-B900-418A-88A4-6F35122D8302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "D75154B0-4B86-41C7-BD04-9AE21647F27F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "620663C7-8AA1-430F-AF00-32F5EF7C65B6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow."
    }
  ],
  "id": "CVE-2005-4866",
  "lastModified": "2024-11-21T00:05:22.150",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.8,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=110495251101381\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12733/"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY61492"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.nextgenss.com/advisories/db205012005D.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11401"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17613"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110495251101381\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12733/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY61492"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.nextgenss.com/advisories/db205012005D.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11401"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17613"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-08-18 21:17

Modified

2024-11-21 00:35

Severity ?

Summary

Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. NOTE: this issue might be related to symlink following.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=579
cve@mitre.org	http://secunia.com/advisories/26471	Patch, Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1018581
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255352
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
cve@mitre.org	http://www.attrition.org/pipermail/vim/2007-August/001765.html
cve@mitre.org	http://www.securityfocus.com/bid/25339
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2912
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=579
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26471	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018581
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255352
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
af854a3a-2127-422b-91ae-364da2661108	http://www.attrition.org/pipermail/vim/2007-August/001765.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/25339
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2912

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	*
	ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp14:*:*:*:*:*:*",
              "matchCriteriaId": "A896A825-6BBF-46A4-992D-F80CC0A93D5C",
              "versionEndIncluding": "8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "AD1AACA4-8B6E-4DC7-A63D-7F6D1D1C7575",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to \"/tmp/\" and used as a log file.  NOTE: this issue might be related to symlink following."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de salto de directorio en IBM DB2 UDB 8 anterior a Fixpak 15 y 9.1 anterior Fixpak 3 permite a usuarios locales crear archivos de su elecci\u00f3n a trav\u00e9s de la secuencia .. (punto punto) en una variables de entorno no espec\u00edficada, la cual se encuentra a\u00f1adida a \"/tmp/\" y es utilizada como fichero de log. NOTA: este asunto podr\u00eda estar relacionado con el seguimiento de enlaces simb\u00f3licos."
    }
  ],
  "id": "CVE-2007-4271",
  "lastModified": "2024-11-21T00:35:11.793",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-08-18T21:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=579"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018581"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=579"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-04-16 18:05

Modified

2024-11-21 00:38

Severity ?

Summary

Stack-based buffer overflow in db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to execute arbitrary code via a long DASPROF environment variable.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=689
cve@mitre.org	http://secunia.com/advisories/29784	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/27870	Exploit
cve@mitre.org	http://www.securitytracker.com/id?1019853
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1237/references
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/41847
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=689
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29784	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/27870	Exploit
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019853
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1237/references
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/41847

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	8
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BB95F92-EA60-4301-99AD-AC8DA2491086",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "01B696CD-C61F-4FDF-A51C-E62CB843BF5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01421A6-B4B4-4F86-87D3-B11AEC1258CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to execute arbitrary code via a long DASPROF environment variable."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en pila en db2dasrrm del DB2 Administration Server (DAS) en IBM DB2 Universal Database 9.5 anterior a Fix Pack 1, 9.1 anterior a Fix Pack 4a, y 8 anterior a FixPak 16; permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n mediante una larga variable de entorno DASPROF."
    }
  ],
  "id": "CVE-2007-5758",
  "lastModified": "2024-11-21T00:38:37.787",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-04-16T18:05:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=689"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29784"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/27870"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1019853"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1237/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41847"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=689"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29784"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit"
      ],
      "url": "http://www.securityfocus.com/bid/27870"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019853"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1237/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41847"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-11-20 20:46

Modified

2024-11-21 00:39

Severity ?

Summary

IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1) DB2ADMNS and (2) DB2USERS alternative groups, which has unknown impact. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.

References

URL	Tags
cve@mitre.org	http://osvdb.org/41011
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1JR26854
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
cve@mitre.org	http://www.securityfocus.com/bid/26450	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3867
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/41011
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1JR26854
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26450	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3867

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
microsoft	windows	*
unix	unix	*
ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7A7C398-5356-45D6-AA5C-53E63BC88DCA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp3a:*:*:*:*:*",
              "matchCriteriaId": "D90DD96D-B5DE-47CD-94EA-E8C058F8D548",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1) DB2ADMNS and (2) DB2USERS alternative groups, which has unknown impact.  NOTE: the vendor description of this issue is too vague to be certain that it is security-related."
    },
    {
      "lang": "es",
      "value": "IBM DB2 UDB 9.1 anterior a Fixpak 4 asigna privilegios incorrectos en los grupos alternativos (1) DB2ADMNS y (2) DB2USERS, lo cual tiene un impacto desconocido. NOTA: la descripci\u00f3n del vendedor de este asunto es muy vaga para afirmar que se trata de un asunto de seguridad."
    }
  ],
  "id": "CVE-2007-6051",
  "lastModified": "2024-11-21T00:39:16.167",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-11-20T20:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/41011"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR26854"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/41011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR26854"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-04-16 18:05

Modified

2024-11-21 00:38

Severity ?

Summary

db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=688
cve@mitre.org	http://secunia.com/advisories/29784	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/27870	Patch
cve@mitre.org	http://www.securitytracker.com/id?1019852
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1237/references
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/41848
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=688
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29784	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/27870	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1019852
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1237/references
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/41848

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	8
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BB95F92-EA60-4301-99AD-AC8DA2491086",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "01B696CD-C61F-4FDF-A51C-E62CB843BF5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01421A6-B4B4-4F86-87D3-B11AEC1258CC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization."
    },
    {
      "lang": "es",
      "value": "db2dasrrm en DB2 Administration Server (DAS) de IBM DB2 Universal Database 9.5 anterior al Fix Pack 1, 9.1 anterior al Fix Pack 4a, y 8 anterior al FixPak 16, permite a usuarios locales sobrescribir ficheros de su elecci\u00f3n a trav\u00e9s de un ataque de enlace simb\u00f3lico sobre archivos usados para su inicializaci\u00f3n."
    }
  ],
  "id": "CVE-2007-5664",
  "lastModified": "2024-11-21T00:38:25.370",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-04-16T18:05:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=688"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29784"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/27870"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1019852"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1237/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41848"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=688"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29784"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/27870"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1019852"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1237/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41848"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-59"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2003-10-06 04:00

Modified

2024-11-20 23:45

Severity ?

Summary

The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote attackers to cause a denial of service (crash) via a long packet to UDP port 523.

References

▼	URL	Tags
	cve@mitre.org	http://marc.info/?l=bugtraq&m=106399616919636&w=2
	cve@mitre.org	http://www-1.ibm.com/support/search.wss?rs=0&q=IY47686&apar=only
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=106399616919636&w=2
	af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/search.wss?rs=0&q=IY47686&apar=only

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	7.1
	ibm	db2_universal_database	7.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "56D0096E-8145-4A36-BC18-A9C5C780D1A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "80DE2026-D9F0-4AAA-97E6-F4FB0EBDB265",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote attackers to cause a denial of service (crash) via a long packet to UDP port 523."
    },
    {
      "lang": "es",
      "value": "El servicio de descubierta DB2 de IBM DB2 anteriores a FixPak 10a permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) mediante una paquete largo al puerto UDP 523."
    }
  ],
  "id": "CVE-2003-0827",
  "lastModified": "2024-11-20T23:45:36.907",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-10-06T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=106399616919636\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY47686\u0026apar=only"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=106399616919636\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY47686\u0026apar=only"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-08-18 21:17

Modified

2024-11-21 00:35

Severity ?

Summary

IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, which allows remote authenticated users with a certain SELECT privilege to have an unknown impact via unspecified vectors. NOTE: this issue is probably related to CVE-2007-1089, but this is uncertain due to lack of details.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/26471	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1JR25940
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255352
cve@mitre.org	http://www.attrition.org/pipermail/vim/2007-August/001765.html
cve@mitre.org	http://www.securityfocus.com/bid/25339
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2912
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/36109
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26471	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1JR25940
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255352
af854a3a-2127-422b-91ae-364da2661108	http://www.attrition.org/pipermail/vim/2007-August/001765.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/25339
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2912
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/36109

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp14:*:*:*:*:*:*",
              "matchCriteriaId": "A896A825-6BBF-46A4-992D-F80CC0A93D5C",
              "versionEndIncluding": "8.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, which allows remote authenticated users with a certain SELECT privilege to have an unknown impact via unspecified vectors.  NOTE: this issue is probably related to CVE-2007-1089, but this is uncertain due to lack of details."
    },
    {
      "lang": "es",
      "value": "IBM DB2 UDB 8 anterior al Fixpak 15 no comprueba adecuadamente la autorizaci\u00f3n, lo cual permite a usuarios autenticados remotamente con un determinado privilegio SELECT tener un impacto desconocido a trav\u00e9s de vectores no especificados. NOTA: este problema est\u00e1 probablemente relacionado con CVE-2007-1089, pero no est\u00e1 claro debido a una falta de detalles."
    }
  ],
  "id": "CVE-2007-4418",
  "lastModified": "2024-11-21T00:35:32.913",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.5,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-08-18T21:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR25940"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR25940"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36109"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-21 00:05

Severity ?

Summary

Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=110494995113579&w=2
cve@mitre.org	http://secunia.com/advisories/12733	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21181228
cve@mitre.org	http://www-1.ibm.com/support/search.wss?rs=0&q=IY62039&apar=only	Patch
cve@mitre.org	http://www.nextgenss.com/advisories/db205012005A.txt
cve@mitre.org	http://www.securityfocus.com/bid/11397	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17615
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=110494995113579&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/12733	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21181228
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/search.wss?rs=0&q=IY62039&apar=only	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.nextgenss.com/advisories/db205012005A.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11397	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17615

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:aix:*:*:*:*:*",
              "matchCriteriaId": "889CAF38-6DFA-4185-BB20-62D7AC8E607E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "74DC6B16-4519-41FC-84A7-DF5D74909018",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6EA810DB-104E-412A-8B6E-DBB5BEE743A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "515EB611-B1FA-467C-91EF-C5A15BE54C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "AAB0D5A7-4649-4427-A298-AB8BE83BA898",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "D1065FBC-D8F9-4E61-AA00-E26D10477152",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "56D0096E-8145-4A36-BC18-A9C5C780D1A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "3582B88E-655E-4258-A60D-99D9F01EE698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:aix:*:*:*:*:*",
              "matchCriteriaId": "F2CD0B87-4557-4EC9-9082-B7F23113D911",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "E77E8381-FC86-406E-8AC5-CA62415665D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "80DE2026-D9F0-4AAA-97E6-F4FB0EBDB265",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "E6F25EED-2F22-4066-8EBF-82B78E4518F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "0D220944-974E-4620-86DB-3687CF219294",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "BEB7068D-B900-418A-88A4-6F35122D8302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "D75154B0-4B86-41C7-BD04-9AE21647F27F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter."
    }
  ],
  "id": "CVE-2005-4863",
  "lastModified": "2024-11-21T00:05:21.700",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=110494995113579\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12733"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY62039\u0026apar=only"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.nextgenss.com/advisories/db205012005A.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11397"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17615"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110494995113579\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12733"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY62039\u0026apar=only"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.nextgenss.com/advisories/db205012005A.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11397"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17615"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-11-16 21:22

Modified

2024-11-21 00:02

Severity ?

Summary

IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password.

References

▼	URL	Tags
	cve@mitre.org	http://www.ngssoftware.com/papers/database-on-xp.pdf
	cve@mitre.org	http://www.securityfocus.com/bid/15452
	af854a3a-2127-422b-91ae-364da2661108	http://www.ngssoftware.com/papers/database-on-xp.pdf
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/15452

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.2
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1.4
ibm	db2_universal_database	8.1.5
ibm	db2_universal_database	8.1.6
ibm	db2_universal_database	8.1.6c
ibm	db2_universal_database	8.1.7
ibm	db2_universal_database	8.1.7b
ibm	db2_universal_database	8.1.8
ibm	db2_universal_database	8.1.8a
ibm	db2_universal_database	8.1.9
ibm	db2_universal_database	8.1.9a

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "56D0096E-8145-4A36-BC18-A9C5C780D1A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "80DE2026-D9F0-4AAA-97E6-F4FB0EBDB265",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DFE3DF2-216B-4E71-99BA-7955E44D853C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "00CFC92D-19AC-4515-A4F0-3744C335D975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "83BDA3DD-24B4-4D91-969E-2E779A7EB1A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:*",
              "matchCriteriaId": "82E8AF18-6E6D-4923-9303-A082D4D47B2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D309A217-6A82-4B5C-9C5B-ABD6E27457EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:*",
              "matchCriteriaId": "F79242DD-F95B-4038-B6D9-4ABBE3F51836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "302D906F-312A-4042-976D-6998178102E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:*",
              "matchCriteriaId": "280064D8-0605-488F-AC2D-C2D238F3A69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DA1AE7F-2417-43FD-9CFC-B17D6D4C6212",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D8F7EC6-B67C-470F-8EC3-BC3C72A7989C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password."
    }
  ],
  "id": "CVE-2005-3643",
  "lastModified": "2024-11-21T00:02:19.740",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-11-16T21:22:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.ngssoftware.com/papers/database-on-xp.pdf"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/15452"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ngssoftware.com/papers/database-on-xp.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/15452"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-08-28 17:41

Modified

2024-11-21 00:50

Severity ?

Summary

Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/30558	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.securityfocus.com/archive/1/496406/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/29601	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1769	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/42930
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/42935
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30558	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/496406/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29601	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1769	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/42930
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/42935

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1961E7E9-35A4-4721-A081-E08D88FC1F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "9446F75C-BE15-4DAE-9B96-E80F0EF24C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:windows:*:*:*:*:*",
              "matchCriteriaId": "CC92F759-749C-4E6A-83B3-C8ADB333054F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "45610195-E2DF-480B-898B-32EE8707D3E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:windows:*:*:*:*:*",
              "matchCriteriaId": "F1503B4A-3C40-45E4-9C2F-347CDF419752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "3F54309A-BA0E-447A-A115-DDBC20F6B2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "C518666C-29DE-45C0-A68D-74B5E2CEBBBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "C9C156A0-A869-4D16-955D-EC9A6696260C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:windows:*:*:*:*:*",
              "matchCriteriaId": "A3BD177C-6CF6-463D-8999-830DA1BF3E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:aix:*:*:*:*:*",
              "matchCriteriaId": "059C886A-FA0B-40DE-A573-A2B4BE7A14BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "7D21AED3-42E7-4C07-8DD3-4DFCC40E1460",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "240239CD-9E05-46E0-A42C-13DB5EE8F436",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:solaris:*:*:*:*:*",
              "matchCriteriaId": "BE002DF4-F5FF-4505-8722-37ACCDB2EC11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:windows:*:*:*:*:*",
              "matchCriteriaId": "77828856-BFE6-4D31-90C1-CDB189BA95AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:aix:*:*:*:*:*",
              "matchCriteriaId": "55D8F159-5A2D-4CB6-A7B9-7DCF8A9B82C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "F7E8AA7B-4E40-41B9-8940-95B5F00E11DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:linux:*:*:*:*:*",
              "matchCriteriaId": "C91A9870-C75D-4B49-B1F5-E9CF054D3CA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "B7C7E16D-AC11-4FC0-9534-799926E525EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:windows:*:*:*:*:*",
              "matchCriteriaId": "C1B953D1-0B8F-4C6F-8485-E5E942593015",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer en la regi\u00f3n stack de la memoria en DB2 de IBM versi\u00f3n 9.1 anterior a Fixpak 5 y versi\u00f3n 9.5 anterior a Fixpak 1, permite a atacantes remotos causar una denegaci\u00f3n de servicio (interrupci\u00f3n del sistema) por medio de vectores relacionados con (1) el uso de XQuery para emitir sentencias; las sentencias (2)  XMLQUERY, (3) XMLEXISTS y (4) XMLTABLE; y (5) la funci\u00f3n sqlrlaka."
    }
  ],
  "id": "CVE-2008-3854",
  "lastModified": "2024-11-21T00:50:16.870",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-28T17:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30558"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/496406/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1769"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42930"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42935"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30558"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/496406/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1769"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42935"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-11-20 20:46

Modified

2024-11-21 00:39

Severity ?

Summary

Unspecified vulnerability in unspecified setuid programs in IBM DB2 UDB 9.1 before Fixpak 4 allows local users to have an unknown impact.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/27667	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07018
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
cve@mitre.org	http://www.securityfocus.com/bid/26450	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3867
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27667	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07018
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26450	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3867

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
microsoft	windows	*
unix	unix	*
ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7A7C398-5356-45D6-AA5C-53E63BC88DCA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp3a:*:*:*:*:*",
              "matchCriteriaId": "D90DD96D-B5DE-47CD-94EA-E8C058F8D548",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in unspecified setuid programs in IBM DB2 UDB 9.1 before Fixpak 4 allows local users to have an unknown impact."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en programas setuid no especificados en IBM DB2 UDB 9.1 anterior a Fixpak 4 permite a usuarios locales tener un impacto desconocido."
    }
  ],
  "id": "CVE-2007-6046",
  "lastModified": "2024-11-21T00:39:14.973",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-11-20T20:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27667"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07018"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27667"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07018"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-10-20 04:00

Modified

2024-11-20 23:49

Severity ?

Summary

DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=107885081414173&w=2
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY53894	Vendor Advisory
cve@mitre.org	http://www.nextgenss.com/advisories/db2rmtcmd.txt
cve@mitre.org	http://www.securityfocus.com/bid/9821	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/15420
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=107885081414173&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY53894	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.nextgenss.com/advisories/db2rmtcmd.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/9821	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/15420

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	8.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe."
    },
    {
      "lang": "es",
      "value": "El servidor de \u00f3rdenes remoto de DB2 8.1 (DB2RCMD.EXE) ejecuta el programa db2rcmdc.exe como el adminstrador db2admin, lo que permite a usuarios locales ganar privilegios mediante la tuber\u00eda con nombre DB2REMOTECMD."
    }
  ],
  "id": "CVE-2004-0795",
  "lastModified": "2024-11-20T23:49:25.647",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-10-20T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=107885081414173\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY53894"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.nextgenss.com/advisories/db2rmtcmd.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/9821"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15420"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=107885081414173\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY53894"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.nextgenss.com/advisories/db2rmtcmd.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/9821"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15420"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-08-18 21:17

Modified

2024-11-21 00:35

Severity ?

Summary

IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on methods, which allows remote authenticated users to execute a method after revocation until the routine auth cache is flushed.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/26471	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY88158
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY88226
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255352
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
cve@mitre.org	http://www.attrition.org/pipermail/vim/2007-August/001765.html
cve@mitre.org	http://www.securityfocus.com/bid/25339
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2912
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/36108
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26471	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY88158
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY88226
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255352
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
af854a3a-2127-422b-91ae-364da2661108	http://www.attrition.org/pipermail/vim/2007-August/001765.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/25339
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2912
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/36108

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	*
	ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp14:*:*:*:*:*:*",
              "matchCriteriaId": "A896A825-6BBF-46A4-992D-F80CC0A93D5C",
              "versionEndIncluding": "8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "AD1AACA4-8B6E-4DC7-A63D-7F6D1D1C7575",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on methods, which allows remote authenticated users to execute a method after revocation until the routine auth cache is flushed."
    },
    {
      "lang": "es",
      "value": "IBM DB2 UDB 8 anterior al Fixpak 15 y 9.1 anterior al Fixpak 3 no revoca adecuadamente los privilegios sobre los m\u00e9todos, lo cual permite a usuarios autenticados remotamente ejecutar un m\u00e9todo despu\u00e9s de la revocaci\u00f3n hasta que se renueva la cach\u00e9 de autenticaci\u00f3n de la rutina."
    }
  ],
  "id": "CVE-2007-4417",
  "lastModified": "2024-11-21T00:35:32.757",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.0,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 6.8,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-08-18T21:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY88158"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY88226"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36108"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY88158"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY88226"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36108"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-08-18 21:17

Modified

2024-11-21 00:35

Severity ?

Summary

Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain root privileges via a symlink attack on certain files.

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=578
cve@mitre.org	http://secunia.com/advisories/26471	Patch, Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1018581
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255352	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.attrition.org/pipermail/vim/2007-August/001765.html
cve@mitre.org	http://www.securityfocus.com/bid/25339
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2912
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/36069
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=578
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26471	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018581
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255352	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.attrition.org/pipermail/vim/2007-August/001765.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/25339
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2912
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/36069

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	*
	ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp14:*:*:*:*:*:*",
              "matchCriteriaId": "A896A825-6BBF-46A4-992D-F80CC0A93D5C",
              "versionEndIncluding": "8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "AD1AACA4-8B6E-4DC7-A63D-7F6D1D1C7575",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain root privileges via a symlink attack on certain files."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples condiciones de carrera en IBM DB2 UDB 8 anterior a Fixpak 15 y 9.1 anterior a Fixpak 3 permite a usuarios locales obtener privilegios de root mediante ataque de enlace simb\u00f3lico en ciertos ficheros."
    }
  ],
  "id": "CVE-2007-4270",
  "lastModified": "2024-11-21T00:35:11.630",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-08-18T21:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=578"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018581"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36069"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=578"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36069"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2003-11-17 05:00

Modified

2024-11-20 23:45

Severity ?

Summary

Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with "Connect" privileges to execute arbitrary code via the INVOKE command.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=106503709914622&w=2
cve@mitre.org	http://www.securityfocus.com/bid/8743	Patch, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/13331
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=106503709914622&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/8743	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/13331

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	7.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "80DE2026-D9F0-4AAA-97E6-F4FB0EBDB265",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with \"Connect\" privileges to execute arbitrary code via the INVOKE command."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer basado en la pila en IBM DB2 Universal Data Base 7.2 para Windows anteriores a Fixpak 10a permite a atacantes con privilegio de \"Connect\" ejecutar c\u00f3digo arbitrario mediante el comando INVOKE."
    }
  ],
  "id": "CVE-2003-0837",
  "lastModified": "2024-11-20T23:45:38.300",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-11-17T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=106503709914622\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/8743"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13331"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=106503709914622\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/8743"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13331"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-08-18 21:17

Modified

2024-11-21 00:35

Severity ?

Summary

Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker's umask is honored, (2) /etc/ld.so.preload, (3) certain "cron data file locations", and other unspecified vectors possibly involving the (4) OSSEMEMDBG or (5) TRC_LOG_FILE environment variable in db2licd (db2licm).

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=580
cve@mitre.org	http://secunia.com/advisories/26471	Patch, Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1018581
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255352	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.attrition.org/pipermail/vim/2007-August/001765.html
cve@mitre.org	http://www.securityfocus.com/bid/25339
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2912
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/36104
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=580
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26471	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018581
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255352	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.attrition.org/pipermail/vim/2007-August/001765.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/25339
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2912
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/36104

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	*
	ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp14:*:*:*:*:*:*",
              "matchCriteriaId": "A896A825-6BBF-46A4-992D-F80CC0A93D5C",
              "versionEndIncluding": "8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "AD1AACA4-8B6E-4DC7-A63D-7F6D1D1C7575",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker\u0027s umask is honored, (2) /etc/ld.so.preload, (3) certain \"cron data file locations\", and other unspecified vectors possibly involving the (4) OSSEMEMDBG or (5) TRC_LOG_FILE environment variable in db2licd (db2licm)."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades en IBM DB2 UDB 8 anterior a Fixpak 15 y 9.1 anterior a Fixpak 3 permite a usuarios locales crear ficheros de su elecci\u00f3n mediante (1) vectores no especificados donde una umask del atacantes es aceptada, (2) /etc/ld.so.preload, (3) ciertas \"localizaciones de ficheros de datos del cron\", y otros vectores no especificados que posiblemente implican las variables de entorno (4) OSSEMEMDBG o (5) TRC_LOG_FILE en db2licd (db2licm)."
    }
  ],
  "id": "CVE-2007-4272",
  "lastModified": "2024-11-21T00:35:12.280",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 1.9,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-08-18T21:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=580"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018581"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36104"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=580"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36104"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-02-23 22:28

Modified

2024-11-21 00:27

Severity ?

Summary

Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access."

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481	Patch
cve@mitre.org	http://osvdb.org/40969
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255747
cve@mitre.org	http://www.attrition.org/pipermail/vim/2007-August/001765.html
cve@mitre.org	http://www.securityfocus.com/bid/22677	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/32650
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481	Patch
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/40969
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255747
af854a3a-2127-422b-91ae-364da2661108	http://www.attrition.org/pipermail/vim/2007-August/001765.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/22677	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/32650

Impacted products

Vendor	Product	Version
hp	hp-ux	*
ibm	aix	*
linux	linux_kernel	2.6.18.0
linux	linux_kernel	2.6.18.1
linux	linux_kernel	2.6.18.2
linux	linux_kernel	2.6.18.3
linux	linux_kernel	2.6.18.4
linux	linux_kernel	2.6.18.5
linux	linux_kernel	2.6.18.6
linux	linux_kernel	2.6.18.7
linux	linux_kernel	2.6.19
linux	linux_kernel	2.6.19.1
linux	linux_kernel	2.6.19.2
linux	linux_kernel	2.6.19.3
linux	linux_kernel	2.6.19.4
linux	linux_kernel	2.6.20
linux	linux_kernel	2.6.20.1
microsoft	windows_xp	*
sun	solaris	*
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1.4
ibm	db2_universal_database	8.1.5
ibm	db2_universal_database	8.1.6
ibm	db2_universal_database	8.1.6c
ibm	db2_universal_database	8.1.7
ibm	db2_universal_database	8.1.7b
ibm	db2_universal_database	8.1.8
ibm	db2_universal_database	8.1.8a
ibm	db2_universal_database	8.1.9
ibm	db2_universal_database	8.1.9a
ibm	db2_universal_database	8.10
ibm	db2_universal_database	8.12
ibm	db2_universal_database	9.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:hp:hp-ux:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "61A4F116-1FEE-450E-99AE-6AD9ACDDE570",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A252C50-D63A-4FC0-A51E-A63A939D6AA1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D08CBC56-C820-4513-ABEC-1ABB3EFC3A15",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "338BB401-8831-4094-9186-2B3CFA5903D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E32E6BA-AFEF-44A8-B230-87DD043BB222",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F69E575B-BD1A-4E50-8D6F-131D5E08058E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20F6269B-5F6B-4413-B14D-7AE5442E4CCD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "189D1246-F975-4411-A58B-343ED90485FD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B914F7F-C6BD-4527-B1E9-7FD1E337A18C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "179147E4-5247-451D-9409-545D661BC158",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6554469E-F6AE-4EB0-880E-CBFD196FEE31",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F99CFC1-DCCE-47B9-98EF-84AEDAECE02E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C20367B0-F722-4442-8B59-ABB0FEDB8CC8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "86A98A70-51E3-4556-8DC4-DD09CF370D1A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6940324-0383-4510-BA55-770E0A6B80B7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E3313D5-52E8-49B3-B145-170D9A26DA43",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:sun:solaris:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "469B74F2-4B89-42B8-8638-731E92D463B9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DFE3DF2-216B-4E71-99BA-7955E44D853C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "00CFC92D-19AC-4515-A4F0-3744C335D975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "83BDA3DD-24B4-4D91-969E-2E779A7EB1A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:*",
              "matchCriteriaId": "82E8AF18-6E6D-4923-9303-A082D4D47B2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D309A217-6A82-4B5C-9C5B-ABD6E27457EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:*",
              "matchCriteriaId": "F79242DD-F95B-4038-B6D9-4ABBE3F51836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "302D906F-312A-4042-976D-6998178102E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:*",
              "matchCriteriaId": "280064D8-0605-488F-AC2D-C2D238F3A69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DA1AE7F-2417-43FD-9CFC-B17D6D4C6212",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D8F7EC6-B67C-470F-8EC3-BC3C72A7989C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ADCB14D-55AC-4DD6-8820-DE058FC2A27D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "96E664BE-2FAF-42AB-AE71-0A78C9DEC9AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1961E7E9-35A4-4721-A081-E08D88FC1F42",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to \"unsafe file access.\""
    },
    {
      "lang": "es",
      "value": "Binarios no especificados en IBM DB2 8.x anterior a 8.1 FixPak 15 y 9.1 anterior a Fix Pack 2 permite a usuarios locales crear o modificar ficheros de su elecci\u00f3n a trav\u00e9s de entornos variables no especificados relacionados con \"accesos de ficheros inseguros\"."
    }
  ],
  "id": "CVE-2007-1086",
  "lastModified": "2024-11-21T00:27:28.683",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-02-23T22:28:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/40969"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255747"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/22677"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32650"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/40969"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255747"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/22677"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32650"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-08-18 21:17

Modified

2024-11-21 00:35

Severity ?

Summary

Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/26471	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01828
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.appsecinc.com/resources/alerts/db2/2007-01.shtml
cve@mitre.org	http://www.attrition.org/pipermail/vim/2007-August/001765.html
cve@mitre.org	http://www.securityfocus.com/archive/1/478313/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/25339
cve@mitre.org	http://www.securitytracker.com/id?1018640
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2912	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/36065
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/36111
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26471	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01828
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.appsecinc.com/resources/alerts/db2/2007-01.shtml
af854a3a-2127-422b-91ae-364da2661108	http://www.attrition.org/pipermail/vim/2007-August/001765.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/478313/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/25339
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1018640
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2912	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/36065
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/36111

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	8.0
ibm	db2_universal_database	9.0
ibm	db2_universal_database	9.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "06038A2B-9391-48D8-92DF-073B27017C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FA904BE-8369-469F-B70F-191745B5FA0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "0D6B01CA-EE69-4A03-8C4B-F6D31447F4B6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument."
    },
    {
      "lang": "es",
      "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en la funci\u00f3n AUTH_LIST_GROUPS_FOR_AUTHID en IBM DB2 UDB versi\u00f3n 9.1 anterior a Fixpak 3, permite a atacantes causar una denegaci\u00f3n de servicio y posiblemente ejecutar c\u00f3digo arbitrario por medio de un argumento largo."
    }
  ],
  "id": "CVE-2007-4423",
  "lastModified": "2024-11-21T00:35:33.737",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-08-18T21:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01828"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.appsecinc.com/resources/alerts/db2/2007-01.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/478313/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1018640"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36065"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36111"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01828"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.appsecinc.com/resources/alerts/db2/2007-01.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/478313/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1018640"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36065"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36111"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-02-13 00:00

Modified

2024-11-21 00:38

Severity ?

Summary

Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library. NOTE: this might be the same issue as CVE-2008-0697.

References

URL	Tags
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=653	Patch
cve@mitre.org	http://securitytracker.com/id?1019319
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03546
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=653	Patch
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1019319
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03546

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	*
	ibm	db2_universal_database	9.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fixpak_15:*:*:*:*:*:*",
              "matchCriteriaId": "85F3A6E3-CC1B-4641-9DEC-179823897C72",
              "versionEndIncluding": "8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.0:fixpak_3a:*:*:*:*:*:*",
              "matchCriteriaId": "51075EBA-905B-4165-8674-44E406A2177C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library.  NOTE: this might be the same issue as CVE-2008-0697."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de ruta de b\u00fasqueda no confiable en db2pd de IBM DB2 Universal Database (UDB) versiones anteriores a 8 FixPak 16 y versiones anteriores a 9 Fix Pack 4 permite a usuarios locales conseguir privilegios de root mediante la modificaci\u00f3n de la variable de entorno DB2INSTANCE para que apunte a una librer\u00eda maliciosa. \r\nNOTA: esto podr\u00eda ser la misma cuesti\u00f3n que CVE-2008-0697.\r\n"
    }
  ],
  "id": "CVE-2007-5757",
  "lastModified": "2024-11-21T00:38:37.643",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-02-13T00:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=653"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1019319"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=653"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019319"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03546"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-08-28 17:41

Modified

2024-11-21 00:50

Severity ?

Summary

The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 retains a cleartext password in memory after the database connection that sent the password is fully established, which might allow local users to obtain sensitive information by reading a memory dump.

References

URL	Tags
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1JR27422
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.securityfocus.com/bid/29601
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1769
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/45139
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1JR27422
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29601
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1769
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/45139

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1961E7E9-35A4-4721-A081-E08D88FC1F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "9446F75C-BE15-4DAE-9B96-E80F0EF24C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:windows:*:*:*:*:*",
              "matchCriteriaId": "CC92F759-749C-4E6A-83B3-C8ADB333054F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "45610195-E2DF-480B-898B-32EE8707D3E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:windows:*:*:*:*:*",
              "matchCriteriaId": "F1503B4A-3C40-45E4-9C2F-347CDF419752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "C9C156A0-A869-4D16-955D-EC9A6696260C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:windows:*:*:*:*:*",
              "matchCriteriaId": "A3BD177C-6CF6-463D-8999-830DA1BF3E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:aix:*:*:*:*:*",
              "matchCriteriaId": "059C886A-FA0B-40DE-A573-A2B4BE7A14BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "7D21AED3-42E7-4C07-8DD3-4DFCC40E1460",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "240239CD-9E05-46E0-A42C-13DB5EE8F436",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:solaris:*:*:*:*:*",
              "matchCriteriaId": "BE002DF4-F5FF-4505-8722-37ACCDB2EC11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:windows:*:*:*:*:*",
              "matchCriteriaId": "77828856-BFE6-4D31-90C1-CDB189BA95AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 retains a cleartext password in memory after the database connection that sent the password is fully established, which might allow local users to obtain sensitive information by reading a memory dump."
    },
    {
      "lang": "es",
      "value": "El componente Base Service Utilities en IBM DB2 9.1 antes de Fixpak 5 conserva una contrase\u00f1a en texto claro en memoria despu\u00e9s de que la conexi\u00f3n a la base de datos que env\u00eda la contrase\u00f1a est\u00e1 totalmente establecida, lo que podr\u00eda permitir a usuarios locales obtener informaci\u00f3n sensible leyendo una descarga de memoria."
    }
  ],
  "id": "CVE-2008-3857",
  "lastModified": "2024-11-21T00:50:17.370",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-28T17:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR27422"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1769"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45139"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR27422"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1769"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45139"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2006-06-19 10:02

Modified

2024-11-21 00:12

Severity ?

Summary

IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote attackers to cause a denial of service (application crash) by sending "incorrect information ... regarding the package name/creator," which leads to a "memory overwrite."

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/20579	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY79204	Patch
cve@mitre.org	http://www.osvdb.org/29862
cve@mitre.org	http://www.vupen.com/english/advisories/2006/2332	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/20579	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY79204	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/29862
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/2332	Vendor Advisory

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	8.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote attackers to cause a denial of service (application crash) by sending \"incorrect information ... regarding the package name/creator,\" which leads to a \"memory overwrite.\""
    },
    {
      "lang": "es",
      "value": "IBM DB2 Universal Database (UDB), anterior a v8.2 FixPak 12 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de aplicaci\u00f3n) mediante el env\u00edo de \"informaci\u00f3n incorrecta ... sobre el nombre del paquete / creador\", que conduce a una \"memoria sobrescribir\"."
    }
  ],
  "id": "CVE-2006-3068",
  "lastModified": "2024-11-21T00:12:44.663",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-06-19T10:02:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20579"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY79204"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/29862"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/2332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/20579"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY79204"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/29862"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/2332"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2003-11-17 05:00

Modified

2024-11-20 23:45

Severity ?

Summary

IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2.

References

▼	URL	Tags
	cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt
	cve@mitre.org	http://marc.info/?l=bugtraq&m=106010332721672&w=2
	af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt
	af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=106010332721672&w=2

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	*
	ibm	db2_universal_database	7.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:linux:*:*:*:*:*",
              "matchCriteriaId": "C9D34F7A-C72B-463A-8351-E679980CD7BC",
              "versionEndIncluding": "8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "56D0096E-8145-4A36-BC18-A9C5C780D1A3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2."
    },
    {
      "lang": "es",
      "value": "IBM DB2 anteriores a FixPak 10a, y versiones anteriores incluyendo la 7.1, permite a usuarios locales sobreescribir ficheros arbitrarios y ganar privilegios mediante un ataque de enlaces simb\u00f3licos sobre d2job o db2job2."
    }
  ],
  "id": "CVE-2003-0898",
  "lastModified": "2024-11-20T23:45:45.273",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-11-17T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=106010332721672\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=106010332721672\u0026w=2"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-02-23 22:28

Modified

2024-11-21 00:27

Severity ?

Summary

IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/24283	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1JR25941	Patch
cve@mitre.org	http://www.attrition.org/pipermail/vim/2007-August/001765.html
cve@mitre.org	http://www.vupen.com/english/advisories/2007/0721
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/24283	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1JR25941	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.attrition.org/pipermail/vim/2007-August/001765.html
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/0721

Impacted products

Vendor	Product	Version
linux	linux_kernel	2.6.18.0
linux	linux_kernel	2.6.18.1
linux	linux_kernel	2.6.18.2
linux	linux_kernel	2.6.18.3
linux	linux_kernel	2.6.18.4
linux	linux_kernel	2.6.18.5
linux	linux_kernel	2.6.18.6
linux	linux_kernel	2.6.18.7
linux	linux_kernel	2.6.19
linux	linux_kernel	2.6.19.1
linux	linux_kernel	2.6.19.2
linux	linux_kernel	2.6.19.3
linux	linux_kernel	2.6.19.4
linux	linux_kernel	2.6.20
linux	linux_kernel	2.6.20.1
microsoft	windows_xp	*
ibm	db2_universal_database	*
ibm	db2_universal_database	9.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A252C50-D63A-4FC0-A51E-A63A939D6AA1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D08CBC56-C820-4513-ABEC-1ABB3EFC3A15",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "338BB401-8831-4094-9186-2B3CFA5903D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E32E6BA-AFEF-44A8-B230-87DD043BB222",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "F69E575B-BD1A-4E50-8D6F-131D5E08058E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "20F6269B-5F6B-4413-B14D-7AE5442E4CCD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "189D1246-F975-4411-A58B-343ED90485FD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.18.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "1B914F7F-C6BD-4527-B1E9-7FD1E337A18C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "179147E4-5247-451D-9409-545D661BC158",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6554469E-F6AE-4EB0-880E-CBFD196FEE31",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F99CFC1-DCCE-47B9-98EF-84AEDAECE02E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C20367B0-F722-4442-8B59-ABB0FEDB8CC8",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.19.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "86A98A70-51E3-4556-8DC4-DD09CF370D1A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "C6940324-0383-4510-BA55-770E0A6B80B7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:2.6.20.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E3313D5-52E8-49B3-B145-170D9A26DA43",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows_xp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E61F1C9B-44AF-4B35-A7B2-948EEF7639BD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:aix:*:*:*:*:*",
              "matchCriteriaId": "93775368-AD06-4B91-B783-EFEAC0C6697B",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:ga:*:*:*:*:*:*",
              "matchCriteriaId": "E3422821-0C01-4502-AD99-0AFE73751B3F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors."
    },
    {
      "lang": "es",
      "value": "IBM DB2 Universal Database (UDB) 9.1 GA hasta 9.1 FP1 permite a usuarios locales con privilegios en la tabla SELECT realizar los comandos no autorizados SQL: UPDATE y DELETEa trav\u00e9s de vectores desconocidos."
    }
  ],
  "id": "CVE-2007-1089",
  "lastModified": "2024-11-21T00:27:29.217",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-02-23T22:28:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://secunia.com/advisories/24283"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR25941"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/0721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://secunia.com/advisories/24283"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR25941"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/0721"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-08-28 17:41

Modified

2024-11-21 00:50

Severity ?

Summary

The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request.

References

URL	Tags
cve@mitre.org	http://osvdb.org/48428
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07299	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.securityfocus.com/bid/29601	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/45138
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/48428
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07299	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29601	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/45138

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1961E7E9-35A4-4721-A081-E08D88FC1F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "9446F75C-BE15-4DAE-9B96-E80F0EF24C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:windows:*:*:*:*:*",
              "matchCriteriaId": "CC92F759-749C-4E6A-83B3-C8ADB333054F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "45610195-E2DF-480B-898B-32EE8707D3E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:windows:*:*:*:*:*",
              "matchCriteriaId": "F1503B4A-3C40-45E4-9C2F-347CDF419752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "3F54309A-BA0E-447A-A115-DDBC20F6B2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "C518666C-29DE-45C0-A68D-74B5E2CEBBBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "C9C156A0-A869-4D16-955D-EC9A6696260C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:windows:*:*:*:*:*",
              "matchCriteriaId": "A3BD177C-6CF6-463D-8999-830DA1BF3E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:aix:*:*:*:*:*",
              "matchCriteriaId": "059C886A-FA0B-40DE-A573-A2B4BE7A14BD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request."
    },
    {
      "lang": "es",
      "value": "El componente Downlevel DB2RA Support en IBM DB2 9.1 antes de Fixpak 4a permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de instancia) mediante un flujo de datos CONNECT manipulado que simula una petici\u00f3n de conexi\u00f3n de cliente V7."
    }
  ],
  "id": "CVE-2008-3858",
  "lastModified": "2024-11-21T00:50:17.513",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-28T17:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/48428"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07299"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45138"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/48428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07299"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45138"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-21 00:05

Severity ?

Summary

IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by "connecting from a downlevel client."

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/17031	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1JR21329	Patch
cve@mitre.org	http://www.securityfocus.com/bid/15126	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/17031	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1JR21329	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/15126	Patch

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1.4
ibm	db2_universal_database	8.1.5
ibm	db2_universal_database	8.1.6
ibm	db2_universal_database	8.1.6c
ibm	db2_universal_database	8.1.7
ibm	db2_universal_database	8.1.7b
ibm	db2_universal_database	8.1.8
ibm	db2_universal_database	8.1.8a
ibm	db2_universal_database	8.1.9
ibm	db2_universal_database	8.1.9a

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DFE3DF2-216B-4E71-99BA-7955E44D853C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "00CFC92D-19AC-4515-A4F0-3744C335D975",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "83BDA3DD-24B4-4D91-969E-2E779A7EB1A7",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:*",
              "matchCriteriaId": "82E8AF18-6E6D-4923-9303-A082D4D47B2E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D309A217-6A82-4B5C-9C5B-ABD6E27457EE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:*",
              "matchCriteriaId": "F79242DD-F95B-4038-B6D9-4ABBE3F51836",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "302D906F-312A-4042-976D-6998178102E2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:*",
              "matchCriteriaId": "280064D8-0605-488F-AC2D-C2D238F3A69E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DA1AE7F-2417-43FD-9CFC-B17D6D4C6212",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D8F7EC6-B67C-470F-8EC3-BC3C72A7989C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by \"connecting from a downlevel client.\""
    }
  ],
  "id": "CVE-2005-4740",
  "lastModified": "2024-11-21T00:05:04.103",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17031"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR21329"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/15126"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/17031"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR21329"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/15126"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-09-28 04:00

Modified

2024-11-20 23:41

Severity ?

Summary

Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument.

References

URL	Tags
cve@mitre.org	http://www.iss.net/security_center/static/9078.php	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/4817	Patch, Vendor Advisory
cve@mitre.org	http://www.securitytracker.com/alerts/2002/May/1004352.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/security_center/static/9078.php	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/4817	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/alerts/2002/May/1004352.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	6.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.2
ibm	db2_universal_database	8.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "489B0F5D-2D6B-4599-BE7A-41A491E6318A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6EA810DB-104E-412A-8B6E-DBB5BEE743A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "56D0096E-8145-4A36-BC18-A9C5C780D1A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "80DE2026-D9F0-4AAA-97E6-F4FB0EBDB265",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:*:windows:*:*:*:*:*",
              "matchCriteriaId": "B4EC24E8-4E4F-4D93-88E6-B27FEB663823",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en sqllib/security/db2ckpw de IBM DB2 Universal Database 6.0 y 7.0 permite a usuarios locales ejecutar c\u00f3digo de su elecci\u00f3n mediante un nombre de usuario largo que se lee de un argumento de descriptor de fichero."
    }
  ],
  "id": "CVE-2002-1583",
  "lastModified": "2024-11-20T23:41:39.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-09-28T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/9078.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/4817"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securitytracker.com/alerts/2002/May/1004352.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.iss.net/security_center/static/9078.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/4817"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securitytracker.com/alerts/2002/May/1004352.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2004-09-01 04:00

Modified

2024-11-20 23:50

Severity ?

Summary

Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=110382462924162&w=2
cve@mitre.org	http://marc.info/?l=bugtraq&m=110382730431065&w=2
cve@mitre.org	http://www.ngssoftware.com/advisories/db223122004K.txt	Patch, Vendor Advisory
cve@mitre.org	http://www.ngssoftware.com/advisories/db223122004L.txt	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/11089	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/18663
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/18682
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=110382462924162&w=2
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=110382730431065&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.ngssoftware.com/advisories/db223122004K.txt	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.ngssoftware.com/advisories/db223122004L.txt	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11089	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/18663
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/18682

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.2
ibm	db2_universal_database	8.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6EA810DB-104E-412A-8B6E-DBB5BEE743A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "56D0096E-8145-4A36-BC18-A9C5C780D1A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "80DE2026-D9F0-4AAA-97E6-F4FB0EBDB265",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure."
    }
  ],
  "id": "CVE-2004-1372",
  "lastModified": "2024-11-20T23:50:43.367",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.2,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-09-01T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=110382462924162\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=110382730431065\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ngssoftware.com/advisories/db223122004K.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ngssoftware.com/advisories/db223122004L.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11089"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18663"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18682"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110382462924162\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110382730431065\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ngssoftware.com/advisories/db223122004K.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.ngssoftware.com/advisories/db223122004L.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11089"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18663"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18682"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2006-12-19 20:28

Modified

2024-11-21 00:23

Severity ?

Summary

IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/23397	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY91847	Patch
cve@mitre.org	http://www.appsecinc.com/resources/alerts/db2/2006-11-30.shtml	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/21646	Patch
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/23397	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY91847	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.appsecinc.com/resources/alerts/db2/2006-11-30.shtml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/21646	Patch

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1.4
ibm	db2_universal_database	8.1.5
ibm	db2_universal_database	8.1.6
ibm	db2_universal_database	8.1.6c
ibm	db2_universal_database	8.1.7
ibm	db2_universal_database	8.1.7b
ibm	db2_universal_database	8.1.8
ibm	db2_universal_database	8.1.8a
ibm	db2_universal_database	8.1.9
ibm	db2_universal_database	8.1.9a
ibm	db2_universal_database	8.10
ibm	db2_universal_database	8.12

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9DFE3DF2-216B-4E71-99BA-7955E44D853C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "00CFC92D-19AC-4515-A4F0-3744C335D975",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "83BDA3DD-24B4-4D91-969E-2E779A7EB1A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:*",
              "matchCriteriaId": "82E8AF18-6E6D-4923-9303-A082D4D47B2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "D309A217-6A82-4B5C-9C5B-ABD6E27457EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:*",
              "matchCriteriaId": "F79242DD-F95B-4038-B6D9-4ABBE3F51836",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "302D906F-312A-4042-976D-6998178102E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:*",
              "matchCriteriaId": "280064D8-0605-488F-AC2D-C2D238F3A69E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DA1AE7F-2417-43FD-9CFC-B17D6D4C6212",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1.9a:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D8F7EC6-B67C-470F-8EC3-BC3C72A7989C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "8ADCB14D-55AC-4DD6-8820-DE058FC2A27D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "96E664BE-2FAF-42AB-AE71-0A78C9DEC9AF",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257."
    },
    {
      "lang": "es",
      "value": "IBM DB2 8.1 anterior a FixPak 14 permite a atacantes remotos provocar una denegaci\u00f3n de servicio mediante un paquete SQLJRA artesanal, lo cual provoca una referencia a un puntero NULL en la funci\u00f3n sqle_db2ra_as_recvrequest en DB2ENGN.DLL, un asunto diferente que CVE-2006-4257."
    }
  ],
  "id": "CVE-2006-6638",
  "lastModified": "2024-11-21T00:23:17.010",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-12-19T20:28:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23397"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY91847"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.appsecinc.com/resources/alerts/db2/2006-11-30.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/21646"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/23397"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY91847"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.appsecinc.com/resources/alerts/db2/2006-11-30.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/21646"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2001-02-16 05:00

Modified

2024-11-20 23:34

Severity ?

Summary

IBM DB2 Universal Database version 6.1 creates an account with a default user name and password, which allows remote attackers to gain access to the database.

References

URL	Tags
cve@mitre.org	http://www.securityfocus.com/archive/1/149222	Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/2068	Exploit, Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/5662
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/149222	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/2068	Exploit, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/5662

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	6.1
	ibm	db2_universal_database	6.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:6.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "9A8C84A1-718D-4F3A-A426-1FB51B46E132",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:6.1:*:windows_nt:*:*:*:*:*",
              "matchCriteriaId": "CE2C1506-0AF0-40A6-8922-782AE4EAF5C2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 Universal Database version 6.1 creates an account with a default user name and password, which allows remote attackers to gain access to the database."
    }
  ],
  "id": "CVE-2001-0051",
  "lastModified": "2024-11-20T23:34:29.000",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2001-02-16T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/149222"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/2068"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5662"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/archive/1/149222"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/2068"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5662"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-12-31 05:00

Modified

2024-11-21 00:05

Severity ?

Summary

Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=110495173031208&w=2
cve@mitre.org	http://secunia.com/advisories/12733/	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY62041	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21181228	Patch
cve@mitre.org	http://www.nextgenss.com/advisories/db205012005C.txt
cve@mitre.org	http://www.securityfocus.com/bid/11399	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/17611
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=110495173031208&w=2
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/12733/	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY62041	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21181228	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.nextgenss.com/advisories/db205012005C.txt
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/11399	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/17611

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	7.2
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:aix:*:*:*:*:*",
              "matchCriteriaId": "889CAF38-6DFA-4185-BB20-62D7AC8E607E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "74DC6B16-4519-41FC-84A7-DF5D74909018",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6EA810DB-104E-412A-8B6E-DBB5BEE743A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "515EB611-B1FA-467C-91EF-C5A15BE54C5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "AAB0D5A7-4649-4427-A298-AB8BE83BA898",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "D1065FBC-D8F9-4E61-AA00-E26D10477152",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "56D0096E-8145-4A36-BC18-A9C5C780D1A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "3582B88E-655E-4258-A60D-99D9F01EE698",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "BE7D9100-F344-49B7-A542-2A7035FBFF41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:aix:*:*:*:*:*",
              "matchCriteriaId": "F2CD0B87-4557-4EC9-9082-B7F23113D911",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "E77E8381-FC86-406E-8AC5-CA62415665D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "80DE2026-D9F0-4AAA-97E6-F4FB0EBDB265",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "E6F25EED-2F22-4066-8EBF-82B78E4518F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:windows:*:*:*:*:*",
              "matchCriteriaId": "6EBDEDDF-DBBA-4CD9-8CDE-5182246936D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:aix:*:*:*:*:*",
              "matchCriteriaId": "95E13DED-D8B2-4895-8540-B0C59CB6E672",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "71C09529-B8EA-4E39-9606-84EFE693A459",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "0656D0A4-E09E-4C5E-9270-931433598B7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:windows:*:*:*:*:*",
              "matchCriteriaId": "39F9063B-982D-46C0-BE50-57DAE0F83174",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "0D220944-974E-4620-86DB-3687CF219294",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "BEB7068D-B900-418A-88A4-6F35122D8302",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "D75154B0-4B86-41C7-BD04-9AE21647F27F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "620663C7-8AA1-430F-AF00-32F5EF7C65B6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname."
    }
  ],
  "id": "CVE-2005-4865",
  "lastModified": "2024-11-21T00:05:21.990",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=110495173031208\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12733/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY62041"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.nextgenss.com/advisories/db205012005C.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11399"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17611"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110495173031208\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/12733/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY62041"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.nextgenss.com/advisories/db205012005C.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/11399"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17611"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-08-18 21:17

Modified

2024-11-21 00:35

Severity ?

Summary

IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment variable in db2licd (db2licm).

References

URL	Tags
cve@mitre.org	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=581
cve@mitre.org	http://secunia.com/advisories/26471	Patch, Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1018581
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255352
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
cve@mitre.org	http://www.attrition.org/pipermail/vim/2007-August/001765.html
cve@mitre.org	http://www.securityfocus.com/bid/25339
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2912
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/36106
af854a3a-2127-422b-91ae-364da2661108	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=581
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26471	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018581
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255352
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
af854a3a-2127-422b-91ae-364da2661108	http://www.attrition.org/pipermail/vim/2007-August/001765.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/25339
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2912
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/36106

Impacted products

	Vendor	Product	Version
	ibm	db2_universal_database	*
	ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp14:*:*:*:*:*:*",
              "matchCriteriaId": "A896A825-6BBF-46A4-992D-F80CC0A93D5C",
              "versionEndIncluding": "8.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp2:*:*:*:*:*",
              "matchCriteriaId": "AD1AACA4-8B6E-4DC7-A63D-7F6D1D1C7575",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a \"crafted localized message file\" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment variable in db2licd (db2licm)."
    },
    {
      "lang": "es",
      "value": "IBM DB2 UDB 8 anterior al Fixpak 15 y 9.1 anterior al Fixpak 3 permite a usuarios locales crear directorios y ejecutar c\u00f3digo de su elecci\u00f3n mediante un \"archivo de mensaje traducido manipulado\" que habilita un ataque de cadena de formato, posiblemente involucrando las variables de entorno (1) OSSEMEMDBG o (2) TRC_LOG_FILE en db2licd(db2licm)."
    }
  ],
  "id": "CVE-2007-4273",
  "lastModified": "2024-11-21T00:35:12.427",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-08-18T21:17:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=581"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1018581"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36106"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/26471"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1018581"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/25339"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/2912"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36106"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-134"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2007-11-20 20:46

Modified

2024-11-21 00:39

Severity ?

Summary

IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unknown impact and attack vectors. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.

References

URL	Tags
cve@mitre.org	http://osvdb.org/41017
cve@mitre.org	http://secunia.com/advisories/27667	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1JR26989
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
cve@mitre.org	http://www.securityfocus.com/bid/26450	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2007/3867
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/41017
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/27667	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1JR26989
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/26450	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/3867

Impacted products

Vendor	Product	Version
linux	linux_kernel	*
microsoft	windows	*
unix	unix	*
ibm	db2_universal_database	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CF61F35-5905-4BA9-AD7E-7DB261D2F256",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7A7C398-5356-45D6-AA5C-53E63BC88DCA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:*:fp3a:*:*:*:*:*",
              "matchCriteriaId": "D90DD96D-B5DE-47CD-94EA-E8C058F8D548",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unknown impact and attack vectors.  NOTE: the vendor description of this issue is too vague to be certain that it is security-related."
    },
    {
      "lang": "es",
      "value": "IBM DB2 UDB 9.1 anterior Fixpack 4 utiliza permisos incorrectos sobre ACLs para DB2NODES.CFG, lo cual tiene un impacto desconocido y vectores de ataque. NOTA: la descripci\u00f3n del vendedor de este asunto es muy vaga como para afirmar que es un asunto de seguridad."
    }
  ],
  "id": "CVE-2007-6048",
  "lastModified": "2024-11-21T00:39:15.743",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-11-20T20:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/41017"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27667"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR26989"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/41017"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/27667"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR26989"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/26450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/3867"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2008-09-11 01:13

Modified

2024-11-21 00:50

Severity ?

Summary

Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (service crash) via "malicious packets."

References

URL	Tags
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
cve@mitre.org	http://osvdb.org/48148
cve@mitre.org	http://secunia.com/advisories/31787	Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21318189
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274
cve@mitre.org	http://www.securityfocus.com/bid/31058
cve@mitre.org	http://www.securitytracker.com/id?1020826
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/44984
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/48148
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31787	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21318189
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/31058
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020826
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/44984

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	*
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp16:*:*:*:*:*:*",
              "matchCriteriaId": "CD142750-345A-4494-AD18-6066ACE7FD6F",
              "versionEndIncluding": "8.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A1C6146-5EE5-4CD0-B6AC-3F41937C2FDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp1:*:*:*:*:*:*",
              "matchCriteriaId": "84FCC3B8-58C0-4739-A184-FE3D5171E6D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp10:*:*:*:*:*:*",
              "matchCriteriaId": "1261651A-8849-40A2-9E1C-E40F0033E6E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp11:*:*:*:*:*:*",
              "matchCriteriaId": "62B91891-59A3-4F3C-A0AB-196CCEA72643",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp12:*:*:*:*:*:*",
              "matchCriteriaId": "F4D3EC1B-B162-4FCC-B573-E45917F5D51A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp13:*:*:*:*:*:*",
              "matchCriteriaId": "770BC7B2-6539-4C38-B246-32997A0D932C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp14:*:*:*:*:*:*",
              "matchCriteriaId": "4381E4E3-1E56-45E7-BF66-001DA1CFE18B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp15:*:*:*:*:*:*",
              "matchCriteriaId": "F3FB2953-6048-4C98-AC6A-272DCF7BEC31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp2:*:*:*:*:*:*",
              "matchCriteriaId": "F0C9DEFD-F626-43B4-84E8-665CCED9BBEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp3:*:*:*:*:*:*",
              "matchCriteriaId": "B4784B3C-FE9A-4D24-8C54-5733B775A36E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp4:*:*:*:*:*:*",
              "matchCriteriaId": "AE9F3357-AF23-4DE5-A026-862A08522137",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp5:*:*:*:*:*:*",
              "matchCriteriaId": "04D3F6B0-AF46-44F0-BA93-4154C84E23C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp6:*:*:*:*:*:*",
              "matchCriteriaId": "62FF3DAA-5693-438C-89EB-1DF6765DB66C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp7:*:*:*:*:*:*",
              "matchCriteriaId": "E7B0A924-F4E1-4F82-9FCC-12EDBC76867C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp8:*:*:*:*:*:*",
              "matchCriteriaId": "925077BB-0D08-4655-805E-F685DAE049F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp9:*:*:*:*:*:*",
              "matchCriteriaId": "A77736D2-8351-405D-88F7-14AE37AA1AA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (service crash) via \"malicious packets.\""
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad sin especificar en el JDBC Applet Server Service (tambi\u00e9n conocido como db2jds) en IBM DB2 UDB 8 anterior al fixpack 17, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de servicio) a trav\u00e9s de \"paquetes maliciosos\"."
    }
  ],
  "id": "CVE-2008-3960",
  "lastModified": "2024-11-21T00:50:34.717",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-09-11T01:13:47.570",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/48148"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31787"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21318189"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/31058"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020826"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44984"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/48148"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21318189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/31058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020826"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44984"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd

Published

2005-04-27 04:00

Modified

2024-11-20 23:55

Severity ?

Summary

Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vendor.

References

URL	Tags
cve@mitre.org	http://marc.info/?l=bugtraq&m=110801212422825&w=2
cve@mitre.org	http://www.ngssoftware.com/advisories/db2-09-05-05.htm
cve@mitre.org	http://www.securityfocus.com/bid/12508	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=110801212422825&w=2
af854a3a-2127-422b-91ae-364da2661108	http://www.ngssoftware.com/advisories/db2-09-05-05.htm
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/12508	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	6.0
ibm	db2_universal_database	7.0
ibm	db2_universal_database	7.1
ibm	db2_universal_database	7.2
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.1
ibm	db2_universal_database	8.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "489B0F5D-2D6B-4599-BE7A-41A491E6318A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6EA810DB-104E-412A-8B6E-DBB5BEE743A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "56D0096E-8145-4A36-BC18-A9C5C780D1A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*",
              "matchCriteriaId": "80DE2026-D9F0-4AAA-97E6-F4FB0EBDB265",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "3DC757E1-EC37-48C5-BE72-53184624ACDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:*:windows:*:*:*:*:*",
              "matchCriteriaId": "B4EC24E8-4E4F-4D93-88E6-B27FEB663823",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unknown \"high risk\" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors.  NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future.  In addition, this may be a duplicate of other issues as reported by the vendor."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad desconocida de \"alto riesgo\" en DB2 Universal Database 8.1 y anteriores con impacto y vectores de ataque desconocidos."
    }
  ],
  "id": "CVE-2005-0417",
  "lastModified": "2024-11-20T23:55:04.673",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2005-04-27T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=110801212422825\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ngssoftware.com/advisories/db2-09-05-05.htm"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/12508"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=110801212422825\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ngssoftware.com/advisories/db2-09-05-05.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/12508"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2008-3855

Vulnerability from cvelistv5

Published

2008-08-28 17:00

Modified

2024-08-07 09:53

Severity ?

Summary

Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a "FILE CREATION VULNERABILITY." NOTE: this may be the same as CVE-2007-5664.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/42932	vdb-entry, x_refsource_XF
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735	vendor-advisory, x_refsource_AIXAPAR
	http://www.vupen.com/english/advisories/2008/1769	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/29601	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/30558	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.634Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "ibm-db2-adminserver-privilege-escalation(42932)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42932"
          },
          {
            "name": "IZ12735",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735"
          },
          {
            "name": "ADV-2008-1769",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1769"
          },
          {
            "name": "29601",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29601"
          },
          {
            "name": "30558",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30558"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a \"FILE CREATION VULNERABILITY.\" NOTE: this may be the same as CVE-2007-5664."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "ibm-db2-adminserver-privilege-escalation(42932)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42932"
        },
        {
          "name": "IZ12735",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735"
        },
        {
          "name": "ADV-2008-1769",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1769"
        },
        {
          "name": "29601",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29601"
        },
        {
          "name": "30558",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30558"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3855",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a \"FILE CREATION VULNERABILITY.\" NOTE: this may be the same as CVE-2007-5664."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "ibm-db2-adminserver-privilege-escalation(42932)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42932"
            },
            {
              "name": "IZ12735",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735"
            },
            {
              "name": "ADV-2008-1769",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1769"
            },
            {
              "name": "29601",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29601"
            },
            {
              "name": "30558",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30558"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3855",
    "datePublished": "2008-08-28T17:00:00",
    "dateReserved": "2008-08-28T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.634Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-4418

Vulnerability from cvelistv5

Published

2007-08-18 21:00

Modified

2024-08-07 14:53

Severity ?

Summary

IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, which allows remote authenticated users with a certain SELECT privilege to have an unknown impact via unspecified vectors. NOTE: this issue is probably related to CVE-2007-1089, but this is uncertain due to lack of details.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg1JR25940	vendor-advisory, x_refsource_AIXAPAR
	http://www.attrition.org/pipermail/vim/2007-August/001765.html	mailing-list, x_refsource_VIM
	http://www.vupen.com/english/advisories/2007/2912	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/25339	vdb-entry, x_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilities/36109	vdb-entry, x_refsource_XF
	http://www-1.ibm.com/support/docview.wss?uid=swg21255352	x_refsource_CONFIRM
	http://secunia.com/advisories/26471	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:53:55.989Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "JR25940",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR25940"
          },
          {
            "name": "20070818 Recent DB2 Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
          },
          {
            "name": "ADV-2007-2912",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2912"
          },
          {
            "name": "25339",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25339"
          },
          {
            "name": "db2-select-unspecified(36109)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36109"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
          },
          {
            "name": "26471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26471"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-08-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, which allows remote authenticated users with a certain SELECT privilege to have an unknown impact via unspecified vectors.  NOTE: this issue is probably related to CVE-2007-1089, but this is uncertain due to lack of details."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "JR25940",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR25940"
        },
        {
          "name": "20070818 Recent DB2 Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
        },
        {
          "name": "ADV-2007-2912",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2912"
        },
        {
          "name": "25339",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25339"
        },
        {
          "name": "db2-select-unspecified(36109)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36109"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
        },
        {
          "name": "26471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26471"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4418",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, which allows remote authenticated users with a certain SELECT privilege to have an unknown impact via unspecified vectors.  NOTE: this issue is probably related to CVE-2007-1089, but this is uncertain due to lack of details."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JR25940",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR25940"
            },
            {
              "name": "20070818 Recent DB2 Vulnerabilities",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
            },
            {
              "name": "ADV-2007-2912",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2912"
            },
            {
              "name": "25339",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25339"
            },
            {
              "name": "db2-select-unspecified(36109)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36109"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
            },
            {
              "name": "26471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26471"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4418",
    "datePublished": "2007-08-18T21:00:00",
    "dateReserved": "2007-08-18T00:00:00",
    "dateUpdated": "2024-08-07T14:53:55.989Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-6049

Vulnerability from cvelistv5

Published

2007-11-20 20:00

Modified

2024-08-07 15:54

Severity ?

Summary

Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, involving a call to dlopen when the effective uid is root.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2007/3867	vdb-entry, x_refsource_VUPEN
	http://osvdb.org/41013	vdb-entry, x_refsource_OSVDB
	http://www.securityfocus.com/bid/26450	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ05461	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/27667	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:54:26.564Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "ADV-2007-3867",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3867"
          },
          {
            "name": "41013",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/41013"
          },
          {
            "name": "26450",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26450"
          },
          {
            "name": "IZ05461",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ05461"
          },
          {
            "name": "27667",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27667"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, involving a call to dlopen when the effective uid is root."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-11-15T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "ADV-2007-3867",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3867"
        },
        {
          "name": "41013",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/41013"
        },
        {
          "name": "26450",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26450"
        },
        {
          "name": "IZ05461",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ05461"
        },
        {
          "name": "27667",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27667"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6049",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, involving a call to dlopen when the effective uid is root."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "ADV-2007-3867",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3867"
            },
            {
              "name": "41013",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/41013"
            },
            {
              "name": "26450",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26450"
            },
            {
              "name": "IZ05461",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ05461"
            },
            {
              "name": "27667",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27667"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6049",
    "datePublished": "2007-11-20T20:00:00",
    "dateReserved": "2007-11-20T00:00:00",
    "dateUpdated": "2024-08-07T15:54:26.564Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-1372

Vulnerability from cvelistv5

Published

2005-01-19 05:00

Modified

2024-08-08 00:46

Severity ?

Summary

Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure.

References

▼	URL	Tags
	http://marc.info/?l=bugtraq&m=110382462924162&w=2	mailing-list, x_refsource_BUGTRAQ
	http://marc.info/?l=bugtraq&m=110382730431065&w=2	mailing-list, x_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilities/18682	vdb-entry, x_refsource_XF
	https://exchange.xforce.ibmcloud.com/vulnerabilities/18663	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/11089	vdb-entry, x_refsource_BID
	http://www.ngssoftware.com/advisories/db223122004L.txt	x_refsource_MISC
	http://www.ngssoftware.com/advisories/db223122004K.txt	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:46:12.445Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20041223 IBM DB2 generate_distfile buffer overflow vulnerability (#NISR2122004L)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110382462924162\u0026w=2"
          },
          {
            "name": "20041223 IBM DB2 rec2xml buffer overflow vulnerability (#NISR2122004J)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110382730431065\u0026w=2"
          },
          {
            "name": "db2-rec2xml-bo(18682)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18682"
          },
          {
            "name": "db2-generatedistfile-bo(18663)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18663"
          },
          {
            "name": "11089",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11089"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ngssoftware.com/advisories/db223122004L.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ngssoftware.com/advisories/db223122004K.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-12-23T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20041223 IBM DB2 generate_distfile buffer overflow vulnerability (#NISR2122004L)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110382462924162\u0026w=2"
        },
        {
          "name": "20041223 IBM DB2 rec2xml buffer overflow vulnerability (#NISR2122004J)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110382730431065\u0026w=2"
        },
        {
          "name": "db2-rec2xml-bo(18682)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18682"
        },
        {
          "name": "db2-generatedistfile-bo(18663)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18663"
        },
        {
          "name": "11089",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11089"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ngssoftware.com/advisories/db223122004L.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ngssoftware.com/advisories/db223122004K.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-1372",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20041223 IBM DB2 generate_distfile buffer overflow vulnerability (#NISR2122004L)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110382462924162\u0026w=2"
            },
            {
              "name": "20041223 IBM DB2 rec2xml buffer overflow vulnerability (#NISR2122004J)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110382730431065\u0026w=2"
            },
            {
              "name": "db2-rec2xml-bo(18682)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18682"
            },
            {
              "name": "db2-generatedistfile-bo(18663)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18663"
            },
            {
              "name": "11089",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11089"
            },
            {
              "name": "http://www.ngssoftware.com/advisories/db223122004L.txt",
              "refsource": "MISC",
              "url": "http://www.ngssoftware.com/advisories/db223122004L.txt"
            },
            {
              "name": "http://www.ngssoftware.com/advisories/db223122004K.txt",
              "refsource": "MISC",
              "url": "http://www.ngssoftware.com/advisories/db223122004K.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-1372",
    "datePublished": "2005-01-19T05:00:00",
    "dateReserved": "2005-01-07T00:00:00",
    "dateUpdated": "2024-08-08T00:46:12.445Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-5664

Vulnerability from cvelistv5

Published

2008-04-16 18:00

Modified

2024-08-07 15:39

Severity ?

Summary

db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization.

References

▼	URL	Tags
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=688	third-party-advisory, x_refsource_IDEFENSE
	http://www.securitytracker.com/id?1019852	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/29784	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2008/1237/references	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/27870	vdb-entry, x_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilities/41848	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:39:13.611Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20080415 IBM DB2 Universal Database Administration Server File Creation Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=688"
          },
          {
            "name": "1019852",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019852"
          },
          {
            "name": "29784",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29784"
          },
          {
            "name": "ADV-2008-1237",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1237/references"
          },
          {
            "name": "27870",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/27870"
          },
          {
            "name": "ibm-db2-db2dasrrm-symlink(41848)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41848"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-04-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20080415 IBM DB2 Universal Database Administration Server File Creation Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=688"
        },
        {
          "name": "1019852",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019852"
        },
        {
          "name": "29784",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29784"
        },
        {
          "name": "ADV-2008-1237",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1237/references"
        },
        {
          "name": "27870",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/27870"
        },
        {
          "name": "ibm-db2-db2dasrrm-symlink(41848)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41848"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5664",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20080415 IBM DB2 Universal Database Administration Server File Creation Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=688"
            },
            {
              "name": "1019852",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019852"
            },
            {
              "name": "29784",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29784"
            },
            {
              "name": "ADV-2008-1237",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1237/references"
            },
            {
              "name": "27870",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/27870"
            },
            {
              "name": "ibm-db2-db2dasrrm-symlink(41848)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41848"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5664",
    "datePublished": "2008-04-16T18:00:00",
    "dateReserved": "2007-10-23T00:00:00",
    "dateUpdated": "2024-08-07T15:39:13.611Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2002-1583

Vulnerability from cvelistv5

Published

2004-08-20 04:00

Modified

2024-09-17 01:01

Severity ?

Summary

Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/4817	vdb-entry, x_refsource_BID
	http://www.securitytracker.com/alerts/2002/May/1004352.html	vendor-advisory, x_refsource_IBM
	http://www.iss.net/security_center/static/9078.php	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T03:26:28.999Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "4817",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/4817"
          },
          {
            "name": "MSS-OAR-E01-2002:318.1",
            "tags": [
              "vendor-advisory",
              "x_refsource_IBM",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/alerts/2002/May/1004352.html"
          },
          {
            "name": "ibm-db2-db2ckpw-bo(9078)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/9078.php"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2004-08-20T04:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "4817",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/4817"
        },
        {
          "name": "MSS-OAR-E01-2002:318.1",
          "tags": [
            "vendor-advisory",
            "x_refsource_IBM"
          ],
          "url": "http://www.securitytracker.com/alerts/2002/May/1004352.html"
        },
        {
          "name": "ibm-db2-db2ckpw-bo(9078)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/9078.php"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2002-1583",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "4817",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/4817"
            },
            {
              "name": "MSS-OAR-E01-2002:318.1",
              "refsource": "IBM",
              "url": "http://www.securitytracker.com/alerts/2002/May/1004352.html"
            },
            {
              "name": "ibm-db2-db2ckpw-bo(9078)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/9078.php"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2002-1583",
    "datePublished": "2004-08-20T04:00:00Z",
    "dateReserved": "2004-08-19T00:00:00Z",
    "dateUpdated": "2024-09-17T01:01:24.332Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-6045

Vulnerability from cvelistv5

Published

2007-11-20 20:00

Modified

2024-08-07 15:54

Severity ?

Summary

Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2007/3867	vdb-entry, x_refsource_VUPEN
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03655	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/26450	vdb-entry, x_refsource_BID
	http://osvdb.org/41015	vdb-entry, x_refsource_OSVDB
	http://secunia.com/advisories/27667	third-party-advisory, x_refsource_SECUNIA
	http://osvdb.org/41014	vdb-entry, x_refsource_OSVDB

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:54:26.667Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "ADV-2007-3867",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3867"
          },
          {
            "name": "IZ03655",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03655"
          },
          {
            "name": "26450",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26450"
          },
          {
            "name": "41015",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/41015"
          },
          {
            "name": "27667",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27667"
          },
          {
            "name": "41014",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/41014"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-11-15T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "ADV-2007-3867",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3867"
        },
        {
          "name": "IZ03655",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03655"
        },
        {
          "name": "26450",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26450"
        },
        {
          "name": "41015",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/41015"
        },
        {
          "name": "27667",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27667"
        },
        {
          "name": "41014",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/41014"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6045",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "ADV-2007-3867",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3867"
            },
            {
              "name": "IZ03655",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03655"
            },
            {
              "name": "26450",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26450"
            },
            {
              "name": "41015",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/41015"
            },
            {
              "name": "27667",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27667"
            },
            {
              "name": "41014",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/41014"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6045",
    "datePublished": "2007-11-20T20:00:00",
    "dateReserved": "2007-11-20T00:00:00",
    "dateUpdated": "2024-08-07T15:54:26.667Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4735

Vulnerability from cvelistv5

Published

2006-03-19 23:00

Modified

2024-09-16 18:08

Severity ?

Summary

IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY70808	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/15126	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1LI70817	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/17031	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:53:29.003Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IY70808",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY70808"
          },
          {
            "name": "15126",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15126"
          },
          {
            "name": "LI70817",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1LI70817"
          },
          {
            "name": "17031",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17031"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-03-19T23:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "IY70808",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY70808"
        },
        {
          "name": "15126",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15126"
        },
        {
          "name": "LI70817",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1LI70817"
        },
        {
          "name": "17031",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17031"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4735",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IY70808",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY70808"
            },
            {
              "name": "15126",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15126"
            },
            {
              "name": "LI70817",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1LI70817"
            },
            {
              "name": "17031",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17031"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4735",
    "datePublished": "2006-03-19T23:00:00Z",
    "dateReserved": "2006-03-19T00:00:00Z",
    "dateUpdated": "2024-09-16T18:08:40.146Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-0173

Vulnerability from cvelistv5

Published

2009-01-16 21:00

Modified

2024-08-07 04:24

Severity ?

Summary

Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream.

References

▼	URL	Tags
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT	x_refsource_CONFIRM
	http://securitytracker.com/id?1021591	vdb-entry, x_refsource_SECTRACK
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652	vendor-advisory, x_refsource_AIXAPAR
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373	vendor-advisory, x_refsource_AIXAPAR
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/47934	vdb-entry, x_refsource_XF
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/33529	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21363936	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/0137	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/33258	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:24:17.975Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
          },
          {
            "name": "1021591",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021591"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
          },
          {
            "name": "IZ39652",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652"
          },
          {
            "name": "IZ39373",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
          },
          {
            "name": "ibm-db2-datastream-dos(47934)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47934"
          },
          {
            "name": "IZ39653",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653"
          },
          {
            "name": "33529",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33529"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
          },
          {
            "name": "ADV-2009-0137",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0137"
          },
          {
            "name": "33258",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33258"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
        },
        {
          "name": "1021591",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021591"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
        },
        {
          "name": "IZ39652",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652"
        },
        {
          "name": "IZ39373",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
        },
        {
          "name": "ibm-db2-datastream-dos(47934)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47934"
        },
        {
          "name": "IZ39653",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653"
        },
        {
          "name": "33529",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33529"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
        },
        {
          "name": "ADV-2009-0137",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0137"
        },
        {
          "name": "33258",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33258"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0173",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
            },
            {
              "name": "1021591",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021591"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
            },
            {
              "name": "IZ39652",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652"
            },
            {
              "name": "IZ39373",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
            },
            {
              "name": "ibm-db2-datastream-dos(47934)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47934"
            },
            {
              "name": "IZ39653",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653"
            },
            {
              "name": "33529",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33529"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
            },
            {
              "name": "ADV-2009-0137",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0137"
            },
            {
              "name": "33258",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33258"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0173",
    "datePublished": "2009-01-16T21:00:00",
    "dateReserved": "2009-01-16T00:00:00",
    "dateUpdated": "2024-08-07T04:24:17.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-6048

Vulnerability from cvelistv5

Published

2007-11-20 20:00

Modified

2024-08-07 15:54

Severity ?

Summary

IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unknown impact and attack vectors. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://osvdb.org/41017	vdb-entry, x_refsource_OSVDB
	http://www.vupen.com/english/advisories/2007/3867	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/26450	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1JR26989	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/27667	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:54:26.957Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "41017",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/41017"
          },
          {
            "name": "ADV-2007-3867",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3867"
          },
          {
            "name": "26450",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26450"
          },
          {
            "name": "JR26989",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR26989"
          },
          {
            "name": "27667",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27667"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unknown impact and attack vectors.  NOTE: the vendor description of this issue is too vague to be certain that it is security-related."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-11-15T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "41017",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/41017"
        },
        {
          "name": "ADV-2007-3867",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3867"
        },
        {
          "name": "26450",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26450"
        },
        {
          "name": "JR26989",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR26989"
        },
        {
          "name": "27667",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27667"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6048",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unknown impact and attack vectors.  NOTE: the vendor description of this issue is too vague to be certain that it is security-related."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "41017",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/41017"
            },
            {
              "name": "ADV-2007-3867",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3867"
            },
            {
              "name": "26450",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26450"
            },
            {
              "name": "JR26989",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR26989"
            },
            {
              "name": "27667",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27667"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6048",
    "datePublished": "2007-11-20T20:00:00",
    "dateReserved": "2007-11-20T00:00:00",
    "dateUpdated": "2024-08-07T15:54:26.957Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4737

Vulnerability from cvelistv5

Published

2006-03-19 23:00

Modified

2024-09-16 17:24

Severity ?

Summary

IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by "abnormally" terminating a connection, which prevents db2agents from being properly cleared.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/15126	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY71587	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/17031	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:53:28.942Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "15126",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15126"
          },
          {
            "name": "IY71587",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY71587"
          },
          {
            "name": "17031",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17031"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by \"abnormally\" terminating a connection, which prevents db2agents from being properly cleared."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-03-19T23:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "15126",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15126"
        },
        {
          "name": "IY71587",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY71587"
        },
        {
          "name": "17031",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17031"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4737",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by \"abnormally\" terminating a connection, which prevents db2agents from being properly cleared."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "15126",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15126"
            },
            {
              "name": "IY71587",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY71587"
            },
            {
              "name": "17031",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17031"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4737",
    "datePublished": "2006-03-19T23:00:00Z",
    "dateReserved": "2006-03-19T00:00:00Z",
    "dateUpdated": "2024-09-16T17:24:11.055Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-4275

Vulnerability from cvelistv5

Published

2007-08-18 21:00

Modified

2024-08-07 14:46

Severity ?

Summary

Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to (1) DB2 instance or FMP startup on Linux and Solaris; (2) exec of executables while running as root on non-Windows systems, as demonstrated by AIX; and unspecified vectors involving (3) db2licm and (4) db2pd.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY97922	vendor-advisory, x_refsource_AIXAPAR
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY97936	vendor-advisory, x_refsource_AIXAPAR
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www.attrition.org/pipermail/vim/2007-August/001765.html	mailing-list, x_refsource_VIM
	http://www.vupen.com/english/advisories/2007/2912	vdb-entry, x_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/36064	vdb-entry, x_refsource_XF
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01923	vendor-advisory, x_refsource_AIXAPAR
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ02067	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/25339	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg21255352	x_refsource_CONFIRM
	http://securitytracker.com/id?1018581	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/26471	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/36062	vdb-entry, x_refsource_XF
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=582	third-party-advisory, x_refsource_IDEFENSE
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98206	vendor-advisory, x_refsource_AIXAPAR
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98176	vendor-advisory, x_refsource_AIXAPAR

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:46:39.478Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IY97922",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97922"
          },
          {
            "name": "IY97936",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97936"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "20070818 Recent DB2 Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
          },
          {
            "name": "ADV-2007-2912",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2912"
          },
          {
            "name": "db2-instance-fmp-privilege-escalation(36064)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36064"
          },
          {
            "name": "IZ01923",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01923"
          },
          {
            "name": "IZ02067",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ02067"
          },
          {
            "name": "25339",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25339"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
          },
          {
            "name": "1018581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018581"
          },
          {
            "name": "26471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26471"
          },
          {
            "name": "db2-execs-privilege-escalation(36062)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36062"
          },
          {
            "name": "20070816 IBM DB2 Universal Database Multiple Untrusted Search Path Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=582"
          },
          {
            "name": "IY98206",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98206"
          },
          {
            "name": "IY98176",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98176"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-08-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to (1) DB2 instance or FMP startup on Linux and Solaris; (2) exec of executables while running as root on non-Windows systems, as demonstrated by AIX; and unspecified vectors involving (3) db2licm and (4) db2pd."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "IY97922",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97922"
        },
        {
          "name": "IY97936",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97936"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "20070818 Recent DB2 Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
        },
        {
          "name": "ADV-2007-2912",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2912"
        },
        {
          "name": "db2-instance-fmp-privilege-escalation(36064)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36064"
        },
        {
          "name": "IZ01923",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01923"
        },
        {
          "name": "IZ02067",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ02067"
        },
        {
          "name": "25339",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25339"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
        },
        {
          "name": "1018581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018581"
        },
        {
          "name": "26471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26471"
        },
        {
          "name": "db2-execs-privilege-escalation(36062)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36062"
        },
        {
          "name": "20070816 IBM DB2 Universal Database Multiple Untrusted Search Path Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=582"
        },
        {
          "name": "IY98206",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98206"
        },
        {
          "name": "IY98176",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98176"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4275",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to (1) DB2 instance or FMP startup on Linux and Solaris; (2) exec of executables while running as root on non-Windows systems, as demonstrated by AIX; and unspecified vectors involving (3) db2licm and (4) db2pd."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IY97922",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97922"
            },
            {
              "name": "IY97936",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97936"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "20070818 Recent DB2 Vulnerabilities",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
            },
            {
              "name": "ADV-2007-2912",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2912"
            },
            {
              "name": "db2-instance-fmp-privilege-escalation(36064)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36064"
            },
            {
              "name": "IZ01923",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01923"
            },
            {
              "name": "IZ02067",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ02067"
            },
            {
              "name": "25339",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25339"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
            },
            {
              "name": "1018581",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018581"
            },
            {
              "name": "26471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26471"
            },
            {
              "name": "db2-execs-privilege-escalation(36062)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36062"
            },
            {
              "name": "20070816 IBM DB2 Universal Database Multiple Untrusted Search Path Vulnerabilities",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=582"
            },
            {
              "name": "IY98206",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98206"
            },
            {
              "name": "IY98176",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98176"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4275",
    "datePublished": "2007-08-18T21:00:00",
    "dateReserved": "2007-08-09T00:00:00",
    "dateUpdated": "2024-08-07T14:46:39.478Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-3858

Vulnerability from cvelistv5

Published

2008-08-28 17:00

Modified

2024-08-07 09:53

Severity ?

Summary

The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07299	vendor-advisory, x_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilities/45138	vdb-entry, x_refsource_XF
	http://osvdb.org/48428	vdb-entry, x_refsource_OSVDB
	http://www.securityfocus.com/bid/29601	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.430Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "IZ07299",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07299"
          },
          {
            "name": "ibm-db2-downlevel-db2rasupport-dos(45138)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45138"
          },
          {
            "name": "48428",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/48428"
          },
          {
            "name": "29601",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29601"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "IZ07299",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07299"
        },
        {
          "name": "ibm-db2-downlevel-db2rasupport-dos(45138)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45138"
        },
        {
          "name": "48428",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/48428"
        },
        {
          "name": "29601",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29601"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3858",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "IZ07299",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07299"
            },
            {
              "name": "ibm-db2-downlevel-db2rasupport-dos(45138)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45138"
            },
            {
              "name": "48428",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/48428"
            },
            {
              "name": "29601",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29601"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3858",
    "datePublished": "2008-08-28T17:00:00",
    "dateReserved": "2008-08-28T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.430Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-1052

Vulnerability from cvelistv5

Published

2004-08-20 04:00

Modified

2024-08-08 02:12

Severity ?

Summary

IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/12826	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/archive/1/331904	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/8346	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:12:35.927Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-db2-gain-privileges(12826)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12826"
          },
          {
            "name": "20030805 Slight privilege elevation from bin to root in IBM DB2 7.1 - 8.1 all binaries",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/331904"
          },
          {
            "name": "8346",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/8346"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-08-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ibm-db2-gain-privileges(12826)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12826"
        },
        {
          "name": "20030805 Slight privilege elevation from bin to root in IBM DB2 7.1 - 8.1 all binaries",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/331904"
        },
        {
          "name": "8346",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/8346"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-1052",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-db2-gain-privileges(12826)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/12826"
            },
            {
              "name": "20030805 Slight privilege elevation from bin to root in IBM DB2 7.1 - 8.1 all binaries",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/331904"
            },
            {
              "name": "8346",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/8346"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-1052",
    "datePublished": "2004-08-20T04:00:00",
    "dateReserved": "2004-08-19T00:00:00",
    "dateUpdated": "2024-08-08T02:12:35.927Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-0172

Vulnerability from cvelistv5

Published

2009-01-16 21:00

Modified

2024-08-07 04:24

Severity ?

Summary

Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream.

References

▼	URL	Tags
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534	vendor-advisory, x_refsource_AIXAPAR
	http://securitytracker.com/id?1021591	vdb-entry, x_refsource_SECTRACK
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT	x_refsource_CONFIRM
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/33529	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21363936	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/0137	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/33258	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697	vendor-advisory, x_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilities/47931	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:24:18.155Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
          },
          {
            "name": "IZ36534",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534"
          },
          {
            "name": "1021591",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021591"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
          },
          {
            "name": "IZ37696",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696"
          },
          {
            "name": "33529",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33529"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
          },
          {
            "name": "ADV-2009-0137",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0137"
          },
          {
            "name": "33258",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33258"
          },
          {
            "name": "IZ37697",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697"
          },
          {
            "name": "ibm-db2-connect-stream-dos(47931)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47931"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
        },
        {
          "name": "IZ36534",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534"
        },
        {
          "name": "1021591",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021591"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
        },
        {
          "name": "IZ37696",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696"
        },
        {
          "name": "33529",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33529"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
        },
        {
          "name": "ADV-2009-0137",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0137"
        },
        {
          "name": "33258",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33258"
        },
        {
          "name": "IZ37697",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697"
        },
        {
          "name": "ibm-db2-connect-stream-dos(47931)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47931"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0172",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
            },
            {
              "name": "IZ36534",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534"
            },
            {
              "name": "1021591",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021591"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
            },
            {
              "name": "IZ37696",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696"
            },
            {
              "name": "33529",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33529"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
            },
            {
              "name": "ADV-2009-0137",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0137"
            },
            {
              "name": "33258",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33258"
            },
            {
              "name": "IZ37697",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697"
            },
            {
              "name": "ibm-db2-connect-stream-dos(47931)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47931"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0172",
    "datePublished": "2009-01-16T21:00:00",
    "dateReserved": "2009-01-16T00:00:00",
    "dateUpdated": "2024-08-07T04:24:18.155Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-3066

Vulnerability from cvelistv5

Published

2006-06-19 10:00

Modified

2024-08-07 18:16

Severity ?

Summary

Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a connection.

References

▼	URL	Tags
	http://www.osvdb.org/29861	vdb-entry, x_refsource_OSVDB
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY84096	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/archive/1/445297/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/20579	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/18428	vdb-entry, x_refsource_BID
	http://www.vupen.com/english/advisories/2006/2332	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:16:06.046Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "29861",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/29861"
          },
          {
            "name": "IY84096",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY84096"
          },
          {
            "name": "20060906 Details for BID 18428",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/445297/100/0/threaded"
          },
          {
            "name": "20579",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20579"
          },
          {
            "name": "18428",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/18428"
          },
          {
            "name": "ADV-2006-2332",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2332"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-05-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a connection."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-18T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "29861",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/29861"
        },
        {
          "name": "IY84096",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY84096"
        },
        {
          "name": "20060906 Details for BID 18428",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/445297/100/0/threaded"
        },
        {
          "name": "20579",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20579"
        },
        {
          "name": "18428",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/18428"
        },
        {
          "name": "ADV-2006-2332",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2332"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3066",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a connection."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "29861",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/29861"
            },
            {
              "name": "IY84096",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY84096"
            },
            {
              "name": "20060906 Details for BID 18428",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/445297/100/0/threaded"
            },
            {
              "name": "20579",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20579"
            },
            {
              "name": "18428",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/18428"
            },
            {
              "name": "ADV-2006-2332",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2332"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3066",
    "datePublished": "2006-06-19T10:00:00",
    "dateReserved": "2006-06-19T00:00:00",
    "dateUpdated": "2024-08-07T18:16:06.046Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4738

Vulnerability from cvelistv5

Published

2006-03-19 23:00

Modified

2024-09-17 02:01

Severity ?

Summary

IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/15126	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY71865	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/17031	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:53:29.073Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "15126",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15126"
          },
          {
            "name": "IY71865",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY71865"
          },
          {
            "name": "17031",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17031"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-03-19T23:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "15126",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15126"
        },
        {
          "name": "IY71865",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY71865"
        },
        {
          "name": "17031",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17031"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4738",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "15126",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15126"
            },
            {
              "name": "IY71865",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY71865"
            },
            {
              "name": "17031",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17031"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4738",
    "datePublished": "2006-03-19T23:00:00Z",
    "dateReserved": "2006-03-19T00:00:00Z",
    "dateUpdated": "2024-09-17T02:01:49.846Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-0417

Vulnerability from cvelistv5

Published

2005-02-14 05:00

Modified

2024-08-07 21:13

Severity ?

Summary

Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vendor.

References

▼	URL	Tags
	http://www.ngssoftware.com/advisories/db2-09-05-05.htm	x_refsource_MISC
	http://marc.info/?l=bugtraq&m=110801212422825&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/12508	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T21:13:54.266Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ngssoftware.com/advisories/db2-09-05-05.htm"
          },
          {
            "name": "20050209 Patch available for high risk IBM DB2 Universal Database flaw",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110801212422825\u0026w=2"
          },
          {
            "name": "12508",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/12508"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-02-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unknown \"high risk\" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors.  NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future.  In addition, this may be a duplicate of other issues as reported by the vendor."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ngssoftware.com/advisories/db2-09-05-05.htm"
        },
        {
          "name": "20050209 Patch available for high risk IBM DB2 Universal Database flaw",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110801212422825\u0026w=2"
        },
        {
          "name": "12508",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/12508"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-0417",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unknown \"high risk\" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors.  NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future.  In addition, this may be a duplicate of other issues as reported by the vendor."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ngssoftware.com/advisories/db2-09-05-05.htm",
              "refsource": "MISC",
              "url": "http://www.ngssoftware.com/advisories/db2-09-05-05.htm"
            },
            {
              "name": "20050209 Patch available for high risk IBM DB2 Universal Database flaw",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110801212422825\u0026w=2"
            },
            {
              "name": "12508",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/12508"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-0417",
    "datePublished": "2005-02-14T05:00:00",
    "dateReserved": "2005-02-14T00:00:00",
    "dateUpdated": "2024-08-07T21:13:54.266Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-3853

Vulnerability from cvelistv5

Published

2008-08-28 17:00

Modified

2024-08-07 09:53

Severity ?

Summary

Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379	vendor-advisory, x_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilities/45141	vdb-entry, x_refsource_XF
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/29601	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/29784	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "IZ12379",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379"
          },
          {
            "name": "ibm-db2-das-bo(45141)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45141"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
          },
          {
            "name": "29601",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29601"
          },
          {
            "name": "IZ12406",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406"
          },
          {
            "name": "29784",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29784"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "IZ12379",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379"
        },
        {
          "name": "ibm-db2-das-bo(45141)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45141"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
        },
        {
          "name": "29601",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29601"
        },
        {
          "name": "IZ12406",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406"
        },
        {
          "name": "29784",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29784"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3853",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "IZ12379",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379"
            },
            {
              "name": "ibm-db2-das-bo(45141)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45141"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
            },
            {
              "name": "29601",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29601"
            },
            {
              "name": "IZ12406",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406"
            },
            {
              "name": "29784",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29784"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3853",
    "datePublished": "2008-08-28T17:00:00",
    "dateReserved": "2008-08-28T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.420Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-4423

Vulnerability from cvelistv5

Published

2007-08-18 21:00

Modified

2024-08-07 14:53

Severity ?

Summary

Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01828	vendor-advisory, x_refsource_AIXAPAR
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/36111	vdb-entry, x_refsource_XF
	http://www.attrition.org/pipermail/vim/2007-August/001765.html	mailing-list, x_refsource_VIM
	http://www.vupen.com/english/advisories/2007/2912	vdb-entry, x_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/36065	vdb-entry, x_refsource_XF
	http://www.appsecinc.com/resources/alerts/db2/2007-01.shtml	x_refsource_MISC
	http://www.securityfocus.com/bid/25339	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/26471	third-party-advisory, x_refsource_SECUNIA
	http://www.securitytracker.com/id?1018640	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/archive/1/478313/100/0/threaded	mailing-list, x_refsource_BUGTRAQ

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:53:55.940Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IZ01828",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01828"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "db2-authlistgroups-dos(36111)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36111"
          },
          {
            "name": "20070818 Recent DB2 Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
          },
          {
            "name": "ADV-2007-2912",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2912"
          },
          {
            "name": "db2-authlistgroupsforauthid-dos(36065)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36065"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.appsecinc.com/resources/alerts/db2/2007-01.shtml"
          },
          {
            "name": "25339",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25339"
          },
          {
            "name": "26471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26471"
          },
          {
            "name": "1018640",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018640"
          },
          {
            "name": "20070831 Team SHATTER Advisory: IBM DB2 Buffer overflow in sysproc.auth_list_groups_for_authid",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/478313/100/0/threaded"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-08-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "IZ01828",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01828"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "db2-authlistgroups-dos(36111)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36111"
        },
        {
          "name": "20070818 Recent DB2 Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
        },
        {
          "name": "ADV-2007-2912",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2912"
        },
        {
          "name": "db2-authlistgroupsforauthid-dos(36065)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36065"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.appsecinc.com/resources/alerts/db2/2007-01.shtml"
        },
        {
          "name": "25339",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25339"
        },
        {
          "name": "26471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26471"
        },
        {
          "name": "1018640",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018640"
        },
        {
          "name": "20070831 Team SHATTER Advisory: IBM DB2 Buffer overflow in sysproc.auth_list_groups_for_authid",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/478313/100/0/threaded"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4423",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IZ01828",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ01828"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "db2-authlistgroups-dos(36111)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36111"
            },
            {
              "name": "20070818 Recent DB2 Vulnerabilities",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
            },
            {
              "name": "ADV-2007-2912",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2912"
            },
            {
              "name": "db2-authlistgroupsforauthid-dos(36065)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36065"
            },
            {
              "name": "http://www.appsecinc.com/resources/alerts/db2/2007-01.shtml",
              "refsource": "MISC",
              "url": "http://www.appsecinc.com/resources/alerts/db2/2007-01.shtml"
            },
            {
              "name": "25339",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25339"
            },
            {
              "name": "26471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26471"
            },
            {
              "name": "1018640",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018640"
            },
            {
              "name": "20070831 Team SHATTER Advisory: IBM DB2 Buffer overflow in sysproc.auth_list_groups_for_authid",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/478313/100/0/threaded"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4423",
    "datePublished": "2007-08-18T21:00:00",
    "dateReserved": "2007-08-18T00:00:00",
    "dateUpdated": "2024-08-07T14:53:55.940Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-1089

Vulnerability from cvelistv5

Published

2007-02-23 22:00

Modified

2024-08-07 12:43

Severity ?

Summary

IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors.

References

▼	URL	Tags
	http://secunia.com/advisories/24283	third-party-advisory, x_refsource_SECUNIA
	http://www-1.ibm.com/support/docview.wss?uid=swg1JR25941	vendor-advisory, x_refsource_AIXAPAR
	http://www.attrition.org/pipermail/vim/2007-August/001765.html	mailing-list, x_refsource_VIM
	http://www.vupen.com/english/advisories/2007/0721	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:43:22.574Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "24283",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24283"
          },
          {
            "name": "JR25941",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR25941"
          },
          {
            "name": "20070818 Recent DB2 Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
          },
          {
            "name": "ADV-2007-0721",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0721"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-02-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-06-23T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "24283",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/24283"
        },
        {
          "name": "JR25941",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR25941"
        },
        {
          "name": "20070818 Recent DB2 Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
        },
        {
          "name": "ADV-2007-0721",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0721"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-1089",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "24283",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/24283"
            },
            {
              "name": "JR25941",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR25941"
            },
            {
              "name": "20070818 Recent DB2 Vulnerabilities",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
            },
            {
              "name": "ADV-2007-0721",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/0721"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-1089",
    "datePublished": "2007-02-23T22:00:00",
    "dateReserved": "2007-02-23T00:00:00",
    "dateUpdated": "2024-08-07T12:43:22.574Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-1143

Vulnerability from cvelistv5

Published

2002-03-15 05:00

Modified

2024-08-08 04:44

Severity ?

Summary

IBM DB2 7.0 allows a remote attacker to cause a denial of service (crash) via a single byte to (1) db2ccs.exe on port 6790, or (2) db2jds.exe on port 6789.

References

▼	URL	Tags
	http://www.securityfocus.com/archive/1/196140	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/3010	vdb-entry, x_refsource_BID
	http://www.iss.net/security_center/static/6833.php	vdb-entry, x_refsource_XF
	http://www.iss.net/security_center/static/6832.php	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:44:07.867Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20010711 IBM Windows DB2 DoS",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/196140"
          },
          {
            "name": "3010",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/3010"
          },
          {
            "name": "ibm-db2-jds-dos(6833)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/6833.php"
          },
          {
            "name": "ibm-db2-ccs-dos(6832)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "http://www.iss.net/security_center/static/6832.php"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-07-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 7.0 allows a remote attacker to cause a denial of service (crash) via a single byte to (1) db2ccs.exe on port 6790, or (2) db2jds.exe on port 6789."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2002-03-22T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20010711 IBM Windows DB2 DoS",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/196140"
        },
        {
          "name": "3010",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/3010"
        },
        {
          "name": "ibm-db2-jds-dos(6833)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/6833.php"
        },
        {
          "name": "ibm-db2-ccs-dos(6832)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "http://www.iss.net/security_center/static/6832.php"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-1143",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 7.0 allows a remote attacker to cause a denial of service (crash) via a single byte to (1) db2ccs.exe on port 6790, or (2) db2jds.exe on port 6789."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20010711 IBM Windows DB2 DoS",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/196140"
            },
            {
              "name": "3010",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/3010"
            },
            {
              "name": "ibm-db2-jds-dos(6833)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/6833.php"
            },
            {
              "name": "ibm-db2-ccs-dos(6832)",
              "refsource": "XF",
              "url": "http://www.iss.net/security_center/static/6832.php"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-1143",
    "datePublished": "2002-03-15T05:00:00",
    "dateReserved": "2002-03-15T00:00:00",
    "dateUpdated": "2024-08-08T04:44:07.867Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-6047

Vulnerability from cvelistv5

Published

2007-11-20 20:00

Modified

2024-08-07 15:54

Severity ?

Summary

Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to execute arbitrary commands as the DB2 instance owner, related to invocation of TPUT by DB2DART.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2007/3867	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/26450	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03646	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/27667	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:54:26.543Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "ADV-2007-3867",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3867"
          },
          {
            "name": "26450",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26450"
          },
          {
            "name": "IZ03646",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03646"
          },
          {
            "name": "27667",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27667"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to execute arbitrary commands as the DB2 instance owner, related to invocation of TPUT by DB2DART."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-02-26T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "ADV-2007-3867",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3867"
        },
        {
          "name": "26450",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26450"
        },
        {
          "name": "IZ03646",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03646"
        },
        {
          "name": "27667",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27667"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6047",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to execute arbitrary commands as the DB2 instance owner, related to invocation of TPUT by DB2DART."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "ADV-2007-3867",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3867"
            },
            {
              "name": "26450",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26450"
            },
            {
              "name": "IZ03646",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03646"
            },
            {
              "name": "27667",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27667"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6047",
    "datePublished": "2007-11-20T20:00:00",
    "dateReserved": "2007-11-20T00:00:00",
    "dateUpdated": "2024-08-07T15:54:26.543Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-4271

Vulnerability from cvelistv5

Published

2007-08-18 21:00

Modified

2024-08-07 14:46

Severity ?

Summary

Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file. NOTE: this issue might be related to symlink following.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www.attrition.org/pipermail/vim/2007-August/001765.html	mailing-list, x_refsource_VIM
	http://www.vupen.com/english/advisories/2007/2912	vdb-entry, x_refsource_VUPEN
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210	vendor-advisory, x_refsource_AIXAPAR
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=579	third-party-advisory, x_refsource_IDEFENSE
	http://www.securityfocus.com/bid/25339	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg21255352	x_refsource_CONFIRM
	http://securitytracker.com/id?1018581	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/26471	third-party-advisory, x_refsource_SECUNIA
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261	vendor-advisory, x_refsource_AIXAPAR

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:46:39.432Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "20070818 Recent DB2 Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
          },
          {
            "name": "ADV-2007-2912",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2912"
          },
          {
            "name": "IY98210",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210"
          },
          {
            "name": "20070816 IBM DB2 Universal Database Directory Traversal Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=579"
          },
          {
            "name": "25339",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25339"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
          },
          {
            "name": "1018581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018581"
          },
          {
            "name": "26471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26471"
          },
          {
            "name": "IY99261",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-08-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to \"/tmp/\" and used as a log file.  NOTE: this issue might be related to symlink following."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-05T16:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "20070818 Recent DB2 Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
        },
        {
          "name": "ADV-2007-2912",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2912"
        },
        {
          "name": "IY98210",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210"
        },
        {
          "name": "20070816 IBM DB2 Universal Database Directory Traversal Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=579"
        },
        {
          "name": "25339",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25339"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
        },
        {
          "name": "1018581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018581"
        },
        {
          "name": "26471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26471"
        },
        {
          "name": "IY99261",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4271",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to \"/tmp/\" and used as a log file.  NOTE: this issue might be related to symlink following."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "20070818 Recent DB2 Vulnerabilities",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
            },
            {
              "name": "ADV-2007-2912",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2912"
            },
            {
              "name": "IY98210",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210"
            },
            {
              "name": "20070816 IBM DB2 Universal Database Directory Traversal Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=579"
            },
            {
              "name": "25339",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25339"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
            },
            {
              "name": "1018581",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018581"
            },
            {
              "name": "26471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26471"
            },
            {
              "name": "IY99261",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4271",
    "datePublished": "2007-08-18T21:00:00",
    "dateReserved": "2007-08-09T00:00:00",
    "dateUpdated": "2024-08-07T14:46:39.432Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0795

Vulnerability from cvelistv5

Published

2004-08-20 04:00

Modified

2024-08-08 00:31

Severity ?

Summary

DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/15420	vdb-entry, x_refsource_XF
	http://marc.info/?l=bugtraq&m=107885081414173&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.nextgenss.com/advisories/db2rmtcmd.txt	x_refsource_MISC
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY53894	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/9821	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:31:47.331Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "db2-rcs-gain-privileges(15420)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15420"
          },
          {
            "name": "20040309 IBM DB2 Remote Command Execution Privilege Upgrade (#NISR09032004)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=107885081414173\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.nextgenss.com/advisories/db2rmtcmd.txt"
          },
          {
            "name": "IY53894",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY53894"
          },
          {
            "name": "9821",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/9821"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-03-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "db2-rcs-gain-privileges(15420)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15420"
        },
        {
          "name": "20040309 IBM DB2 Remote Command Execution Privilege Upgrade (#NISR09032004)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=107885081414173\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.nextgenss.com/advisories/db2rmtcmd.txt"
        },
        {
          "name": "IY53894",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY53894"
        },
        {
          "name": "9821",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/9821"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0795",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "db2-rcs-gain-privileges(15420)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15420"
            },
            {
              "name": "20040309 IBM DB2 Remote Command Execution Privilege Upgrade (#NISR09032004)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=107885081414173\u0026w=2"
            },
            {
              "name": "http://www.nextgenss.com/advisories/db2rmtcmd.txt",
              "refsource": "MISC",
              "url": "http://www.nextgenss.com/advisories/db2rmtcmd.txt"
            },
            {
              "name": "IY53894",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY53894"
            },
            {
              "name": "9821",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/9821"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0795",
    "datePublished": "2004-08-20T04:00:00",
    "dateReserved": "2004-08-19T00:00:00",
    "dateUpdated": "2024-08-08T00:31:47.331Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0759

Vulnerability from cvelistv5

Published

2003-09-19 04:00

Modified

2024-08-08 02:05

Severity ?

Summary

Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/8553	vdb-entry, x_refsource_BID
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt	x_refsource_CONFIRM
	http://www-3.ibm.com/cgi-bin/db2www/data/db2/udb/winos2unix/support/aparlib.d2w/display_apar_details?aparno=IY47653	vendor-advisory, x_refsource_AIXAPAR
	http://www.ciac.org/ciac/bulletins/n-154.shtml	third-party-advisory, government-resource, x_refsource_CIAC
	http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html	mailing-list, x_refsource_VULNWATCH
	http://marc.info/?l=bugtraq&m=106389919618721&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.coresecurity.com/common/showdoc.php?idx=366&idxseccion=10	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:05:11.932Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "8553",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/8553"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt"
          },
          {
            "name": "IY47653",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-3.ibm.com/cgi-bin/db2www/data/db2/udb/winos2unix/support/aparlib.d2w/display_apar_details?aparno=IY47653"
          },
          {
            "name": "N-154",
            "tags": [
              "third-party-advisory",
              "government-resource",
              "x_refsource_CIAC",
              "x_transferred"
            ],
            "url": "http://www.ciac.org/ciac/bulletins/n-154.shtml"
          },
          {
            "name": "20030918 CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html"
          },
          {
            "name": "20030918 CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=106389919618721\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.coresecurity.com/common/showdoc.php?idx=366\u0026idxseccion=10"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-09-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "8553",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/8553"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt"
        },
        {
          "name": "IY47653",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-3.ibm.com/cgi-bin/db2www/data/db2/udb/winos2unix/support/aparlib.d2w/display_apar_details?aparno=IY47653"
        },
        {
          "name": "N-154",
          "tags": [
            "third-party-advisory",
            "government-resource",
            "x_refsource_CIAC"
          ],
          "url": "http://www.ciac.org/ciac/bulletins/n-154.shtml"
        },
        {
          "name": "20030918 CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html"
        },
        {
          "name": "20030918 CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=106389919618721\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.coresecurity.com/common/showdoc.php?idx=366\u0026idxseccion=10"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0759",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "8553",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/8553"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt"
            },
            {
              "name": "IY47653",
              "refsource": "AIXAPAR",
              "url": "http://www-3.ibm.com/cgi-bin/db2www/data/db2/udb/winos2unix/support/aparlib.d2w/display_apar_details?aparno=IY47653"
            },
            {
              "name": "N-154",
              "refsource": "CIAC",
              "url": "http://www.ciac.org/ciac/bulletins/n-154.shtml"
            },
            {
              "name": "20030918 CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html"
            },
            {
              "name": "20030918 CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=106389919618721\u0026w=2"
            },
            {
              "name": "http://www.coresecurity.com/common/showdoc.php?idx=366\u0026idxseccion=10",
              "refsource": "MISC",
              "url": "http://www.coresecurity.com/common/showdoc.php?idx=366\u0026idxseccion=10"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0759",
    "datePublished": "2003-09-19T04:00:00",
    "dateReserved": "2003-09-04T00:00:00",
    "dateUpdated": "2024-08-08T02:05:11.932Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4865

Vulnerability from cvelistv5

Published

2007-10-06 21:00

Modified

2024-08-08 00:01

Severity ?

Summary

Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname.

References

▼	URL	Tags
	http://marc.info/?l=bugtraq&m=110495173031208&w=2	mailing-list, x_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17611	vdb-entry, x_refsource_XF
	http://www.nextgenss.com/advisories/db205012005C.txt	x_refsource_MISC
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY62041	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/11399	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/12733/	third-party-advisory, x_refsource_SECUNIA
	http://www-1.ibm.com/support/docview.wss?uid=swg21181228	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:01:23.480Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20050105 IBM DB2 call buffer overflow (#NISR05012005C)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110495173031208\u0026w=2"
          },
          {
            "name": "db2-long-library-bo(17611)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17611"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.nextgenss.com/advisories/db205012005C.txt"
          },
          {
            "name": "IY62041",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY62041"
          },
          {
            "name": "11399",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11399"
          },
          {
            "name": "12733",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12733/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20050105 IBM DB2 call buffer overflow (#NISR05012005C)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110495173031208\u0026w=2"
        },
        {
          "name": "db2-long-library-bo(17611)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17611"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.nextgenss.com/advisories/db205012005C.txt"
        },
        {
          "name": "IY62041",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY62041"
        },
        {
          "name": "11399",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11399"
        },
        {
          "name": "12733",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12733/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4865",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20050105 IBM DB2 call buffer overflow (#NISR05012005C)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110495173031208\u0026w=2"
            },
            {
              "name": "db2-long-library-bo(17611)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17611"
            },
            {
              "name": "http://www.nextgenss.com/advisories/db205012005C.txt",
              "refsource": "MISC",
              "url": "http://www.nextgenss.com/advisories/db205012005C.txt"
            },
            {
              "name": "IY62041",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY62041"
            },
            {
              "name": "11399",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11399"
            },
            {
              "name": "12733",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12733/"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4865",
    "datePublished": "2007-10-06T21:00:00",
    "dateReserved": "2007-10-06T00:00:00",
    "dateUpdated": "2024-08-08T00:01:23.480Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-4417

Vulnerability from cvelistv5

Published

2007-08-18 21:00

Modified

2024-08-07 14:53

Severity ?

Summary

IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on methods, which allows remote authenticated users to execute a method after revocation until the routine auth cache is flushed.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www.attrition.org/pipermail/vim/2007-August/001765.html	mailing-list, x_refsource_VIM
	http://www.vupen.com/english/advisories/2007/2912	vdb-entry, x_refsource_VUPEN
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY88158	vendor-advisory, x_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilities/36108	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/25339	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg21255352	x_refsource_CONFIRM
	http://secunia.com/advisories/26471	third-party-advisory, x_refsource_SECUNIA
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY88226	vendor-advisory, x_refsource_AIXAPAR

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:53:55.881Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "20070818 Recent DB2 Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
          },
          {
            "name": "ADV-2007-2912",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2912"
          },
          {
            "name": "IY88158",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY88158"
          },
          {
            "name": "db2-method-privilege-escalation(36108)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36108"
          },
          {
            "name": "25339",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25339"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
          },
          {
            "name": "26471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26471"
          },
          {
            "name": "IY88226",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY88226"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-08-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on methods, which allows remote authenticated users to execute a method after revocation until the routine auth cache is flushed."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "20070818 Recent DB2 Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
        },
        {
          "name": "ADV-2007-2912",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2912"
        },
        {
          "name": "IY88158",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY88158"
        },
        {
          "name": "db2-method-privilege-escalation(36108)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36108"
        },
        {
          "name": "25339",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25339"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
        },
        {
          "name": "26471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26471"
        },
        {
          "name": "IY88226",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY88226"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4417",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on methods, which allows remote authenticated users to execute a method after revocation until the routine auth cache is flushed."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "20070818 Recent DB2 Vulnerabilities",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
            },
            {
              "name": "ADV-2007-2912",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2912"
            },
            {
              "name": "IY88158",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY88158"
            },
            {
              "name": "db2-method-privilege-escalation(36108)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36108"
            },
            {
              "name": "25339",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25339"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
            },
            {
              "name": "26471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26471"
            },
            {
              "name": "IY88226",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY88226"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4417",
    "datePublished": "2007-08-18T21:00:00",
    "dateReserved": "2007-08-18T00:00:00",
    "dateUpdated": "2024-08-07T14:53:55.881Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-4276

Vulnerability from cvelistv5

Published

2007-08-18 21:00

Modified

2024-08-07 14:46

Severity ?

Summary

Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www.attrition.org/pipermail/vim/2007-August/001765.html	mailing-list, x_refsource_VIM
	http://www.vupen.com/english/advisories/2007/2912	vdb-entry, x_refsource_VUPEN
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY99311	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/25339	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg21255352	x_refsource_CONFIRM
	http://securitytracker.com/id?1018581	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/26471	third-party-advisory, x_refsource_SECUNIA
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=583	third-party-advisory, x_refsource_IDEFENSE
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY97346	vendor-advisory, x_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilities/36067	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:46:39.416Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "20070818 Recent DB2 Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
          },
          {
            "name": "ADV-2007-2912",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2912"
          },
          {
            "name": "IY99311",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99311"
          },
          {
            "name": "25339",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25339"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
          },
          {
            "name": "1018581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018581"
          },
          {
            "name": "26471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26471"
          },
          {
            "name": "20070816 IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=583"
          },
          {
            "name": "IY97346",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97346"
          },
          {
            "name": "db2-environment-variables-bo(36067)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36067"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-08-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "20070818 Recent DB2 Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
        },
        {
          "name": "ADV-2007-2912",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2912"
        },
        {
          "name": "IY99311",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99311"
        },
        {
          "name": "25339",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25339"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
        },
        {
          "name": "1018581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018581"
        },
        {
          "name": "26471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26471"
        },
        {
          "name": "20070816 IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=583"
        },
        {
          "name": "IY97346",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97346"
        },
        {
          "name": "db2-environment-variables-bo(36067)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36067"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4276",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "20070818 Recent DB2 Vulnerabilities",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
            },
            {
              "name": "ADV-2007-2912",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2912"
            },
            {
              "name": "IY99311",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99311"
            },
            {
              "name": "25339",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25339"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
            },
            {
              "name": "1018581",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018581"
            },
            {
              "name": "26471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26471"
            },
            {
              "name": "20070816 IBM DB2 Universal Database buildDasPaths Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=583"
            },
            {
              "name": "IY97346",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY97346"
            },
            {
              "name": "db2-environment-variables-bo(36067)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36067"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4276",
    "datePublished": "2007-08-18T21:00:00",
    "dateReserved": "2007-08-09T00:00:00",
    "dateUpdated": "2024-08-07T14:46:39.416Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-0051

Vulnerability from cvelistv5

Published

2001-02-02 05:00

Modified

2024-08-08 04:06

Severity ?

Summary

IBM DB2 Universal Database version 6.1 creates an account with a default user name and password, which allows remote attackers to gain access to the database.

References

▼	URL	Tags
	http://www.securityfocus.com/archive/1/149222	mailing-list, x_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilities/5662	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/2068	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:06:55.320Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20001205 IBM DB2 default account and password Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/149222"
          },
          {
            "name": "ibm-db2-gain-access(5662)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5662"
          },
          {
            "name": "2068",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/2068"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2000-12-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 Universal Database version 6.1 creates an account with a default user name and password, which allows remote attackers to gain access to the database."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-18T21:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20001205 IBM DB2 default account and password Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/149222"
        },
        {
          "name": "ibm-db2-gain-access(5662)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5662"
        },
        {
          "name": "2068",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/2068"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-0051",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 Universal Database version 6.1 creates an account with a default user name and password, which allows remote attackers to gain access to the database."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20001205 IBM DB2 default account and password Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/149222"
            },
            {
              "name": "ibm-db2-gain-access(5662)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5662"
            },
            {
              "name": "2068",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/2068"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-0051",
    "datePublished": "2001-02-02T05:00:00",
    "dateReserved": "2001-02-01T00:00:00",
    "dateUpdated": "2024-08-08T04:06:55.320Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4866

Vulnerability from cvelistv5

Published

2007-10-06 21:00

Modified

2024-08-08 00:01

Severity ?

Summary

Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY61492	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/11401	vdb-entry, x_refsource_BID
	http://marc.info/?l=bugtraq&m=110495251101381&w=2	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/12733/	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17613	vdb-entry, x_refsource_XF
	http://www.nextgenss.com/advisories/db205012005D.txt	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:01:23.426Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IY61492",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY61492"
          },
          {
            "name": "11401",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11401"
          },
          {
            "name": "20050105 IBM DB2 JDBC Applet Server buffer overflow (#NISR05012005D)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110495251101381\u0026w=2"
          },
          {
            "name": "12733",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12733/"
          },
          {
            "name": "db2-jdbc-bo(17613)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17613"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.nextgenss.com/advisories/db205012005D.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "IY61492",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY61492"
        },
        {
          "name": "11401",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11401"
        },
        {
          "name": "20050105 IBM DB2 JDBC Applet Server buffer overflow (#NISR05012005D)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110495251101381\u0026w=2"
        },
        {
          "name": "12733",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12733/"
        },
        {
          "name": "db2-jdbc-bo(17613)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17613"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.nextgenss.com/advisories/db205012005D.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4866",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IY61492",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY61492"
            },
            {
              "name": "11401",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11401"
            },
            {
              "name": "20050105 IBM DB2 JDBC Applet Server buffer overflow (#NISR05012005D)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110495251101381\u0026w=2"
            },
            {
              "name": "12733",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12733/"
            },
            {
              "name": "db2-jdbc-bo(17613)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17613"
            },
            {
              "name": "http://www.nextgenss.com/advisories/db205012005D.txt",
              "refsource": "MISC",
              "url": "http://www.nextgenss.com/advisories/db205012005D.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4866",
    "datePublished": "2007-10-06T21:00:00",
    "dateReserved": "2007-10-06T00:00:00",
    "dateUpdated": "2024-08-08T00:01:23.426Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0898

Vulnerability from cvelistv5

Published

2003-10-28 05:00

Modified

2024-08-08 02:05

Severity ?

Summary

IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2.

References

▼	URL	Tags
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=106010332721672&w=2	mailing-list, x_refsource_BUGTRAQ

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:05:12.636Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt"
          },
          {
            "name": "20030805 Local Vulnerability in IBM DB2 7.1 db2job binary",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=106010332721672\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-08-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt"
        },
        {
          "name": "20030805 Local Vulnerability in IBM DB2 7.1 db2job binary",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=106010332721672\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0898",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt"
            },
            {
              "name": "20030805 Local Vulnerability in IBM DB2 7.1 db2job binary",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=106010332721672\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0898",
    "datePublished": "2003-10-28T05:00:00",
    "dateReserved": "2003-10-27T00:00:00",
    "dateUpdated": "2024-08-08T02:05:12.636Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-4273

Vulnerability from cvelistv5

Published

2007-08-18 21:00

Modified

2024-08-07 14:46

Severity ?

Summary

IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment variable in db2licd (db2licm).

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/36106	vdb-entry, x_refsource_XF
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www.attrition.org/pipermail/vim/2007-August/001765.html	mailing-list, x_refsource_VIM
	http://www.vupen.com/english/advisories/2007/2912	vdb-entry, x_refsource_VUPEN
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=581	third-party-advisory, x_refsource_IDEFENSE
	http://www.securityfocus.com/bid/25339	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg21255352	x_refsource_CONFIRM
	http://securitytracker.com/id?1018581	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/26471	third-party-advisory, x_refsource_SECUNIA
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101	vendor-advisory, x_refsource_AIXAPAR
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011	vendor-advisory, x_refsource_AIXAPAR

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:46:39.455Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "db2-message-file-format-string(36106)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36106"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "20070818 Recent DB2 Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
          },
          {
            "name": "ADV-2007-2912",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2912"
          },
          {
            "name": "20070816 IBM DB2 Universal Database Directory Creation Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=581"
          },
          {
            "name": "25339",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25339"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
          },
          {
            "name": "1018581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018581"
          },
          {
            "name": "26471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26471"
          },
          {
            "name": "IY98101",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101"
          },
          {
            "name": "IY98011",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-08-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a \"crafted localized message file\" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment variable in db2licd (db2licm)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "db2-message-file-format-string(36106)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36106"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "20070818 Recent DB2 Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
        },
        {
          "name": "ADV-2007-2912",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2912"
        },
        {
          "name": "20070816 IBM DB2 Universal Database Directory Creation Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=581"
        },
        {
          "name": "25339",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25339"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
        },
        {
          "name": "1018581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018581"
        },
        {
          "name": "26471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26471"
        },
        {
          "name": "IY98101",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101"
        },
        {
          "name": "IY98011",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4273",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a \"crafted localized message file\" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment variable in db2licd (db2licm)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "db2-message-file-format-string(36106)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36106"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "20070818 Recent DB2 Vulnerabilities",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
            },
            {
              "name": "ADV-2007-2912",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2912"
            },
            {
              "name": "20070816 IBM DB2 Universal Database Directory Creation Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=581"
            },
            {
              "name": "25339",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25339"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
            },
            {
              "name": "1018581",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018581"
            },
            {
              "name": "26471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26471"
            },
            {
              "name": "IY98101",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101"
            },
            {
              "name": "IY98011",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4273",
    "datePublished": "2007-08-18T21:00:00",
    "dateReserved": "2007-08-09T00:00:00",
    "dateUpdated": "2024-08-07T14:46:39.455Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4868

Vulnerability from cvelistv5

Published

2007-10-06 21:00

Modified

2024-08-08 00:01

Severity ?

Summary

Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service.

References

▼	URL	Tags
	http://marc.info/?l=bugtraq&m=110495402231836&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.securityfocus.com/bid/11402	vdb-entry, x_refsource_BID
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17605	vdb-entry, x_refsource_XF
	http://www.nextgenss.com/advisories/db205012005F.txt	x_refsource_MISC
	http://secunia.com/advisories/12733/	third-party-advisory, x_refsource_SECUNIA
	http://www-1.ibm.com/support/docview.wss?uid=swg21181228	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:01:23.315Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20050105 IBM DB2 Windows Permission Problems (#NISR05012005F)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110495402231836\u0026w=2"
          },
          {
            "name": "11402",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11402"
          },
          {
            "name": "db2-everyone-gain-access(17605)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17605"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.nextgenss.com/advisories/db205012005F.txt"
          },
          {
            "name": "12733",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12733/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-16T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20050105 IBM DB2 Windows Permission Problems (#NISR05012005F)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110495402231836\u0026w=2"
        },
        {
          "name": "11402",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11402"
        },
        {
          "name": "db2-everyone-gain-access(17605)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17605"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.nextgenss.com/advisories/db205012005F.txt"
        },
        {
          "name": "12733",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12733/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4868",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Shared memory sections and events in IBM DB2 8.1 have default permissions of read and write for the Everyone group, which allows local users to gain unauthorized access, gain sensitive information, such as cleartext passwords, and cause a denial of service."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20050105 IBM DB2 Windows Permission Problems (#NISR05012005F)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110495402231836\u0026w=2"
            },
            {
              "name": "11402",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11402"
            },
            {
              "name": "db2-everyone-gain-access(17605)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17605"
            },
            {
              "name": "http://www.nextgenss.com/advisories/db205012005F.txt",
              "refsource": "MISC",
              "url": "http://www.nextgenss.com/advisories/db205012005F.txt"
            },
            {
              "name": "12733",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12733/"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4868",
    "datePublished": "2007-10-06T21:00:00",
    "dateReserved": "2007-10-06T00:00:00",
    "dateUpdated": "2024-08-08T00:01:23.315Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-3643

Vulnerability from cvelistv5

Published

2005-11-16 21:17

Modified

2024-09-16 19:15

Severity ?

Summary

IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password.

References

▼	URL	Tags
	http://www.ngssoftware.com/papers/database-on-xp.pdf	x_refsource_MISC
	http://www.securityfocus.com/bid/15452	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:17:23.400Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ngssoftware.com/papers/database-on-xp.pdf"
          },
          {
            "name": "15452",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15452"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2005-11-16T21:17:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ngssoftware.com/papers/database-on-xp.pdf"
        },
        {
          "name": "15452",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15452"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-3643",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ngssoftware.com/papers/database-on-xp.pdf",
              "refsource": "MISC",
              "url": "http://www.ngssoftware.com/papers/database-on-xp.pdf"
            },
            {
              "name": "15452",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15452"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-3643",
    "datePublished": "2005-11-16T21:17:00Z",
    "dateReserved": "2005-11-16T00:00:00Z",
    "dateUpdated": "2024-09-16T19:15:48.189Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-3852

Vulnerability from cvelistv5

Published

2008-08-28 17:00

Modified

2024-08-07 09:53

Severity ?

Summary

Unspecified vulnerability in the CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio in the Visual Studio Net component in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 2 allows remote authenticated users to execute arbitrary code via unknown vectors.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg1JR28432	vendor-advisory, x_refsource_AIXAPAR
	http://www.securitytracker.com/id?1020761	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/archive/1/496405/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www-1.ibm.com/support/docview.wss?uid=swg1JR28431	vendor-advisory, x_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilities/44697	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2008/1769	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/29601	vdb-entry, x_refsource_BID
	http://www.vupen.com/english/advisories/2008/2445	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/31635	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/42927	vdb-entry, x_refsource_XF
	http://www-1.ibm.com/support/docview.wss?uid=swg21293566	x_refsource_CONFIRM
	http://secunia.com/advisories/30558	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.410Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "JR28432",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28432"
          },
          {
            "name": "1020761",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020761"
          },
          {
            "name": "20080916 Team SHATTER Security Advisory: Security Vulnerability in CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/496405/100/0/threaded"
          },
          {
            "name": "JR28431",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28431"
          },
          {
            "name": "ibm-db2-clr-visualstudio-unspecified(44697)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44697"
          },
          {
            "name": "ADV-2008-1769",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1769"
          },
          {
            "name": "29601",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29601"
          },
          {
            "name": "ADV-2008-2445",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/2445"
          },
          {
            "name": "31635",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31635"
          },
          {
            "name": "ibm-db2-clr-unspecified(42927)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42927"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21293566"
          },
          {
            "name": "30558",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30558"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio in the Visual Studio Net component in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 2 allows remote authenticated users to execute arbitrary code via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "JR28432",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28432"
        },
        {
          "name": "1020761",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020761"
        },
        {
          "name": "20080916 Team SHATTER Security Advisory: Security Vulnerability in CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/496405/100/0/threaded"
        },
        {
          "name": "JR28431",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28431"
        },
        {
          "name": "ibm-db2-clr-visualstudio-unspecified(44697)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44697"
        },
        {
          "name": "ADV-2008-1769",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1769"
        },
        {
          "name": "29601",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29601"
        },
        {
          "name": "ADV-2008-2445",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/2445"
        },
        {
          "name": "31635",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31635"
        },
        {
          "name": "ibm-db2-clr-unspecified(42927)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42927"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21293566"
        },
        {
          "name": "30558",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30558"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3852",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio in the Visual Studio Net component in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 2 allows remote authenticated users to execute arbitrary code via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "JR28432",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28432"
            },
            {
              "name": "1020761",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020761"
            },
            {
              "name": "20080916 Team SHATTER Security Advisory: Security Vulnerability in CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/496405/100/0/threaded"
            },
            {
              "name": "JR28431",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28431"
            },
            {
              "name": "ibm-db2-clr-visualstudio-unspecified(44697)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44697"
            },
            {
              "name": "ADV-2008-1769",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1769"
            },
            {
              "name": "29601",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29601"
            },
            {
              "name": "ADV-2008-2445",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/2445"
            },
            {
              "name": "31635",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31635"
            },
            {
              "name": "ibm-db2-clr-unspecified(42927)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42927"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21293566",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21293566"
            },
            {
              "name": "30558",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30558"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3852",
    "datePublished": "2008-08-28T17:00:00",
    "dateReserved": "2008-08-28T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.410Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-3068

Vulnerability from cvelistv5

Published

2006-06-19 10:00

Modified

2024-08-07 18:16

Severity ?

Summary

IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote attackers to cause a denial of service (application crash) by sending "incorrect information ... regarding the package name/creator," which leads to a "memory overwrite."

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY79204	vendor-advisory, x_refsource_AIXAPAR
	http://www.osvdb.org/29862	vdb-entry, x_refsource_OSVDB
	http://secunia.com/advisories/20579	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/2332	vdb-entry, x_refsource_VUPEN

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:16:05.806Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IY79204",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY79204"
          },
          {
            "name": "29862",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/29862"
          },
          {
            "name": "20579",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20579"
          },
          {
            "name": "ADV-2006-2332",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2332"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-05-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote attackers to cause a denial of service (application crash) by sending \"incorrect information ... regarding the package name/creator,\" which leads to a \"memory overwrite.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-10-28T09:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "IY79204",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY79204"
        },
        {
          "name": "29862",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/29862"
        },
        {
          "name": "20579",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20579"
        },
        {
          "name": "ADV-2006-2332",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2332"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3068",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote attackers to cause a denial of service (application crash) by sending \"incorrect information ... regarding the package name/creator,\" which leads to a \"memory overwrite.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IY79204",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY79204"
            },
            {
              "name": "29862",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/29862"
            },
            {
              "name": "20579",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20579"
            },
            {
              "name": "ADV-2006-2332",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2332"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3068",
    "datePublished": "2006-06-19T10:00:00",
    "dateReserved": "2006-06-19T00:00:00",
    "dateUpdated": "2024-08-07T18:16:05.806Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-6052

Vulnerability from cvelistv5

Published

2007-11-20 20:00

Modified

2024-08-07 15:54

Severity ?

Summary

IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service (divide-by-zero error and DBMS crash), related to an "overflow." NOTE: the vendor description of this issue is too vague to be certain that it is security-related.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2007/3867	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/26450	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ08205	vendor-advisory, x_refsource_AIXAPAR

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:54:26.449Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "ADV-2007-3867",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3867"
          },
          {
            "name": "26450",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26450"
          },
          {
            "name": "IZ08205",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ08205"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service (divide-by-zero error and DBMS crash), related to an \"overflow.\" NOTE: the vendor description of this issue is too vague to be certain that it is security-related."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-02-26T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "ADV-2007-3867",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3867"
        },
        {
          "name": "26450",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26450"
        },
        {
          "name": "IZ08205",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ08205"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6052",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service (divide-by-zero error and DBMS crash), related to an \"overflow.\" NOTE: the vendor description of this issue is too vague to be certain that it is security-related."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "ADV-2007-3867",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3867"
            },
            {
              "name": "26450",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26450"
            },
            {
              "name": "IZ08205",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ08205"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6052",
    "datePublished": "2007-11-20T20:00:00",
    "dateReserved": "2007-11-20T00:00:00",
    "dateUpdated": "2024-08-07T15:54:26.449Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0827

Vulnerability from cvelistv5

Published

2003-09-23 04:00

Modified

2024-08-08 02:05

Severity ?

Summary

The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote attackers to cause a denial of service (crash) via a long packet to UDP port 523.

References

▼	URL	Tags
	http://marc.info/?l=bugtraq&m=106399616919636&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www-1.ibm.com/support/search.wss?rs=0&q=IY47686&apar=only	vendor-advisory, x_refsource_AIXAPAR

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:05:12.556Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20030919 AppSecInc Security Alert: Denial of Service Vulnerability in DB2 Discovery Service",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=106399616919636\u0026w=2"
          },
          {
            "name": "IY47686",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY47686\u0026apar=only"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-09-19T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote attackers to cause a denial of service (crash) via a long packet to UDP port 523."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20030919 AppSecInc Security Alert: Denial of Service Vulnerability in DB2 Discovery Service",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=106399616919636\u0026w=2"
        },
        {
          "name": "IY47686",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY47686\u0026apar=only"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0827",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote attackers to cause a denial of service (crash) via a long packet to UDP port 523."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20030919 AppSecInc Security Alert: Denial of Service Vulnerability in DB2 Discovery Service",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=106399616919636\u0026w=2"
            },
            {
              "name": "IY47686",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY47686\u0026apar=only"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0827",
    "datePublished": "2003-09-23T04:00:00",
    "dateReserved": "2003-09-19T00:00:00",
    "dateUpdated": "2024-08-08T02:05:12.556Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-4272

Vulnerability from cvelistv5

Published

2007-08-18 21:00

Modified

2024-08-07 14:46

Severity ?

Summary

Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker's umask is honored, (2) /etc/ld.so.preload, (3) certain "cron data file locations", and other unspecified vectors possibly involving the (4) OSSEMEMDBG or (5) TRC_LOG_FILE environment variable in db2licd (db2licm).

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www.attrition.org/pipermail/vim/2007-August/001765.html	mailing-list, x_refsource_VIM
	http://www.vupen.com/english/advisories/2007/2912	vdb-entry, x_refsource_VUPEN
	https://exchange.xforce.ibmcloud.com/vulnerabilities/36104	vdb-entry, x_refsource_XF
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/25339	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg21255352	x_refsource_CONFIRM
	http://securitytracker.com/id?1018581	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/26471	third-party-advisory, x_refsource_SECUNIA
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101	vendor-advisory, x_refsource_AIXAPAR
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011	vendor-advisory, x_refsource_AIXAPAR
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=580	third-party-advisory, x_refsource_IDEFENSE

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:46:39.489Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "20070818 Recent DB2 Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
          },
          {
            "name": "ADV-2007-2912",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2912"
          },
          {
            "name": "db2-multiple-file-create(36104)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36104"
          },
          {
            "name": "IY98210",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210"
          },
          {
            "name": "25339",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25339"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
          },
          {
            "name": "1018581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018581"
          },
          {
            "name": "26471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26471"
          },
          {
            "name": "IY98101",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101"
          },
          {
            "name": "IY98011",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011"
          },
          {
            "name": "20070816 IBM DB2 Universal Database Multiple File Creation Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=580"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-08-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker\u0027s umask is honored, (2) /etc/ld.so.preload, (3) certain \"cron data file locations\", and other unspecified vectors possibly involving the (4) OSSEMEMDBG or (5) TRC_LOG_FILE environment variable in db2licd (db2licm)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "20070818 Recent DB2 Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
        },
        {
          "name": "ADV-2007-2912",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2912"
        },
        {
          "name": "db2-multiple-file-create(36104)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36104"
        },
        {
          "name": "IY98210",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210"
        },
        {
          "name": "25339",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25339"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
        },
        {
          "name": "1018581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018581"
        },
        {
          "name": "26471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26471"
        },
        {
          "name": "IY98101",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101"
        },
        {
          "name": "IY98011",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011"
        },
        {
          "name": "20070816 IBM DB2 Universal Database Multiple File Creation Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=580"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4272",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker\u0027s umask is honored, (2) /etc/ld.so.preload, (3) certain \"cron data file locations\", and other unspecified vectors possibly involving the (4) OSSEMEMDBG or (5) TRC_LOG_FILE environment variable in db2licd (db2licm)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "20070818 Recent DB2 Vulnerabilities",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
            },
            {
              "name": "ADV-2007-2912",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2912"
            },
            {
              "name": "db2-multiple-file-create(36104)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36104"
            },
            {
              "name": "IY98210",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210"
            },
            {
              "name": "25339",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25339"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
            },
            {
              "name": "1018581",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018581"
            },
            {
              "name": "26471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26471"
            },
            {
              "name": "IY98101",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98101"
            },
            {
              "name": "IY98011",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98011"
            },
            {
              "name": "20070816 IBM DB2 Universal Database Multiple File Creation Vulnerabilities",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=580"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4272",
    "datePublished": "2007-08-18T21:00:00",
    "dateReserved": "2007-08-09T00:00:00",
    "dateUpdated": "2024-08-07T14:46:39.489Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-6046

Vulnerability from cvelistv5

Published

2007-11-20 20:00

Modified

2024-08-07 15:54

Severity ?

Summary

Unspecified vulnerability in unspecified setuid programs in IBM DB2 UDB 9.1 before Fixpak 4 allows local users to have an unknown impact.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2007/3867	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/26450	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/27667	third-party-advisory, x_refsource_SECUNIA
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07018	vendor-advisory, x_refsource_AIXAPAR

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:54:26.776Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "ADV-2007-3867",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3867"
          },
          {
            "name": "26450",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26450"
          },
          {
            "name": "27667",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27667"
          },
          {
            "name": "IZ07018",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07018"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in unspecified setuid programs in IBM DB2 UDB 9.1 before Fixpak 4 allows local users to have an unknown impact."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-02-26T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "ADV-2007-3867",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3867"
        },
        {
          "name": "26450",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26450"
        },
        {
          "name": "27667",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27667"
        },
        {
          "name": "IZ07018",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07018"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6046",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in unspecified setuid programs in IBM DB2 UDB 9.1 before Fixpak 4 allows local users to have an unknown impact."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "ADV-2007-3867",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3867"
            },
            {
              "name": "26450",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26450"
            },
            {
              "name": "27667",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27667"
            },
            {
              "name": "IZ07018",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07018"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6046",
    "datePublished": "2007-11-20T20:00:00",
    "dateReserved": "2007-11-20T00:00:00",
    "dateUpdated": "2024-08-07T15:54:26.776Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4736

Vulnerability from cvelistv5

Published

2006-03-19 23:00

Modified

2024-09-16 23:36

Severity ?

Summary

IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/15126	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY70561	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/17031	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:53:29.056Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "15126",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15126"
          },
          {
            "name": "IY70561",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY70561"
          },
          {
            "name": "17031",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17031"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-03-19T23:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "15126",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15126"
        },
        {
          "name": "IY70561",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY70561"
        },
        {
          "name": "17031",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17031"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4736",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "15126",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15126"
            },
            {
              "name": "IY70561",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY70561"
            },
            {
              "name": "17031",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17031"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4736",
    "datePublished": "2006-03-19T23:00:00Z",
    "dateReserved": "2006-03-19T00:00:00Z",
    "dateUpdated": "2024-09-16T23:36:45.949Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0836

Vulnerability from cvelistv5

Published

2003-10-08 04:00

Modified

2024-08-08 02:05

Severity ?

Summary

Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD command.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0836	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:05:12.609Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0836"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-10-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with \"Connect\" privileges to execute arbitrary code via a LOAD command."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-16T18:49:20",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0836"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0836",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with \"Connect\" privileges to execute arbitrary code via a LOAD command."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0836",
              "refsource": "MISC",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0836"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0836",
    "datePublished": "2003-10-08T04:00:00",
    "dateReserved": "2003-09-29T00:00:00",
    "dateUpdated": "2024-08-08T02:05:12.609Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-3067

Vulnerability from cvelistv5

Published

2006-06-19 10:00

Modified

2024-08-07 18:16

Severity ?

Summary

Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) "long column list" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of values in an IN clause, possibly related to a buffer overflow.

References

▼	URL	Tags
	http://www.osvdb.org/27992	vdb-entry, x_refsource_OSVDB
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY82725	vendor-advisory, x_refsource_AIXAPAR
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY76767	vendor-advisory, x_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilities/27099	vdb-entry, x_refsource_XF
	http://www.osvdb.org/27993	vdb-entry, x_refsource_OSVDB
	https://exchange.xforce.ibmcloud.com/vulnerabilities/27101	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/20579	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2006/2332	vdb-entry, x_refsource_VUPEN
	http://www.osvdb.org/29860	vdb-entry, x_refsource_OSVDB

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T18:16:06.151Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "27992",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/27992"
          },
          {
            "name": "IY82725",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY82725"
          },
          {
            "name": "IY76767",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY76767"
          },
          {
            "name": "db2-load-command-dos(27099)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27099"
          },
          {
            "name": "27993",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/27993"
          },
          {
            "name": "db2-sql-inclause-dos(27101)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27101"
          },
          {
            "name": "20579",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/20579"
          },
          {
            "name": "ADV-2006-2332",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/2332"
          },
          {
            "name": "29860",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/29860"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-05-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) \"long column list\" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of values in an IN clause, possibly related to a buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "27992",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/27992"
        },
        {
          "name": "IY82725",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY82725"
        },
        {
          "name": "IY76767",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY76767"
        },
        {
          "name": "db2-load-command-dos(27099)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27099"
        },
        {
          "name": "27993",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/27993"
        },
        {
          "name": "db2-sql-inclause-dos(27101)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27101"
        },
        {
          "name": "20579",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/20579"
        },
        {
          "name": "ADV-2006-2332",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/2332"
        },
        {
          "name": "29860",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/29860"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-3067",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) \"long column list\" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of values in an IN clause, possibly related to a buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "27992",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/27992"
            },
            {
              "name": "IY82725",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY82725"
            },
            {
              "name": "IY76767",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY76767"
            },
            {
              "name": "db2-load-command-dos(27099)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27099"
            },
            {
              "name": "27993",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/27993"
            },
            {
              "name": "db2-sql-inclause-dos(27101)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27101"
            },
            {
              "name": "20579",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/20579"
            },
            {
              "name": "ADV-2006-2332",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/2332"
            },
            {
              "name": "29860",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/29860"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-3067",
    "datePublished": "2006-06-19T10:00:00",
    "dateReserved": "2006-06-19T00:00:00",
    "dateUpdated": "2024-08-07T18:16:06.151Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4863

Vulnerability from cvelistv5

Published

2007-10-06 21:00

Modified

2024-08-08 00:01

Severity ?

Summary

Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter.

References

▼	URL	Tags
	http://www-1.ibm.com/support/search.wss?rs=0&q=IY62039&apar=only	vendor-advisory, x_refsource_AIXAPAR
	http://www.nextgenss.com/advisories/db205012005A.txt	x_refsource_MISC
	http://marc.info/?l=bugtraq&m=110494995113579&w=2	mailing-list, x_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17615	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/11397	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg21181228	x_refsource_CONFIRM
	http://secunia.com/advisories/12733	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:01:23.487Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IY62039",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY62039\u0026apar=only"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.nextgenss.com/advisories/db205012005A.txt"
          },
          {
            "name": "20050105 IBM DB2 db2fmp buffer overflow (#NISR05012005A)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110494995113579\u0026w=2"
          },
          {
            "name": "db2-db2fmp-bo(17615)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17615"
          },
          {
            "name": "11397",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11397"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
          },
          {
            "name": "12733",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12733"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "IY62039",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY62039\u0026apar=only"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.nextgenss.com/advisories/db205012005A.txt"
        },
        {
          "name": "20050105 IBM DB2 db2fmp buffer overflow (#NISR05012005A)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110494995113579\u0026w=2"
        },
        {
          "name": "db2-db2fmp-bo(17615)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17615"
        },
        {
          "name": "11397",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11397"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
        },
        {
          "name": "12733",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12733"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4863",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IY62039",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY62039\u0026apar=only"
            },
            {
              "name": "http://www.nextgenss.com/advisories/db205012005A.txt",
              "refsource": "MISC",
              "url": "http://www.nextgenss.com/advisories/db205012005A.txt"
            },
            {
              "name": "20050105 IBM DB2 db2fmp buffer overflow (#NISR05012005A)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110494995113579\u0026w=2"
            },
            {
              "name": "db2-db2fmp-bo(17615)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17615"
            },
            {
              "name": "11397",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11397"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
            },
            {
              "name": "12733",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12733"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4863",
    "datePublished": "2007-10-06T21:00:00",
    "dateReserved": "2007-10-06T00:00:00",
    "dateUpdated": "2024-08-08T00:01:23.487Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-3854

Vulnerability from cvelistv5

Published

2008-08-28 17:00

Modified

2024-08-07 09:53

Severity ?

Summary

Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/42935	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/archive/1/496406/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431	vendor-advisory, x_refsource_AIXAPAR
	http://www.vupen.com/english/advisories/2008/1769	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/29601	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434	vendor-advisory, x_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilities/42930	vdb-entry, x_refsource_XF
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/30558	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.407Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "ibm-db2-multiple-bo(42935)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42935"
          },
          {
            "name": "20080916 Team SHATTER Security Advisory: IBM DB2 UDB - Buffer overrun in XMLQUERY and XMLEXISTS",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/496406/100/0/threaded"
          },
          {
            "name": "IZ18431",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431"
          },
          {
            "name": "ADV-2008-1769",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1769"
          },
          {
            "name": "29601",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29601"
          },
          {
            "name": "IZ18434",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434"
          },
          {
            "name": "ibm-db2-sqlrlaka-bo(42930)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42930"
          },
          {
            "name": "IZ16346",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346"
          },
          {
            "name": "30558",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30558"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "ibm-db2-multiple-bo(42935)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42935"
        },
        {
          "name": "20080916 Team SHATTER Security Advisory: IBM DB2 UDB - Buffer overrun in XMLQUERY and XMLEXISTS",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/496406/100/0/threaded"
        },
        {
          "name": "IZ18431",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431"
        },
        {
          "name": "ADV-2008-1769",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1769"
        },
        {
          "name": "29601",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29601"
        },
        {
          "name": "IZ18434",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434"
        },
        {
          "name": "ibm-db2-sqlrlaka-bo(42930)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42930"
        },
        {
          "name": "IZ16346",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346"
        },
        {
          "name": "30558",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30558"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3854",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "ibm-db2-multiple-bo(42935)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42935"
            },
            {
              "name": "20080916 Team SHATTER Security Advisory: IBM DB2 UDB - Buffer overrun in XMLQUERY and XMLEXISTS",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/496406/100/0/threaded"
            },
            {
              "name": "IZ18431",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431"
            },
            {
              "name": "ADV-2008-1769",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1769"
            },
            {
              "name": "29601",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29601"
            },
            {
              "name": "IZ18434",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434"
            },
            {
              "name": "ibm-db2-sqlrlaka-bo(42930)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42930"
            },
            {
              "name": "IZ16346",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346"
            },
            {
              "name": "30558",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30558"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3854",
    "datePublished": "2008-08-28T17:00:00",
    "dateReserved": "2008-08-28T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.407Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-5757

Vulnerability from cvelistv5

Published

2008-02-12 23:00

Modified

2024-09-16 17:08

Severity ?

Summary

Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library. NOTE: this might be the same issue as CVE-2008-0697.

References

▼	URL	Tags
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT	x_refsource_CONFIRM
	http://securitytracker.com/id?1019319	vdb-entry, x_refsource_SECTRACK
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=653	third-party-advisory, x_refsource_IDEFENSE
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03546	vendor-advisory, x_refsource_AIXAPAR

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:39:13.717Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
          },
          {
            "name": "1019319",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019319"
          },
          {
            "name": "20080207 IBM DB2 Universal Database db2pd Arbitrary Library Loading Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=653"
          },
          {
            "name": "IZ03546",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03546"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library.  NOTE: this might be the same issue as CVE-2008-0697."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2008-02-12T23:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
        },
        {
          "name": "1019319",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019319"
        },
        {
          "name": "20080207 IBM DB2 Universal Database db2pd Arbitrary Library Loading Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=653"
        },
        {
          "name": "IZ03546",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03546"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5757",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library.  NOTE: this might be the same issue as CVE-2008-0697."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
            },
            {
              "name": "1019319",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019319"
            },
            {
              "name": "20080207 IBM DB2 Universal Database db2pd Arbitrary Library Loading Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=653"
            },
            {
              "name": "IZ03546",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03546"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5757",
    "datePublished": "2008-02-12T23:00:00Z",
    "dateReserved": "2007-10-31T00:00:00Z",
    "dateUpdated": "2024-09-16T17:08:00.538Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-6053

Vulnerability from cvelistv5

Published

2007-11-20 20:00

Modified

2024-08-07 15:54

Severity ?

Summary

IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, which might allow attackers to have an unknown impact involving "memory corruption." NOTE: the vendor description of this issue is too vague to be certain that it is security-related.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2007/3867	vdb-entry, x_refsource_VUPEN
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ04039	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/26450	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:54:26.885Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "ADV-2007-3867",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3867"
          },
          {
            "name": "IZ04039",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ04039"
          },
          {
            "name": "26450",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26450"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, which might allow attackers to have an unknown impact involving \"memory corruption.\" NOTE: the vendor description of this issue is too vague to be certain that it is security-related."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-02-26T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "ADV-2007-3867",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3867"
        },
        {
          "name": "IZ04039",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ04039"
        },
        {
          "name": "26450",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26450"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6053",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, which might allow attackers to have an unknown impact involving \"memory corruption.\" NOTE: the vendor description of this issue is too vague to be certain that it is security-related."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "ADV-2007-3867",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3867"
            },
            {
              "name": "IZ04039",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ04039"
            },
            {
              "name": "26450",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26450"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6053",
    "datePublished": "2007-11-20T20:00:00",
    "dateReserved": "2007-11-20T00:00:00",
    "dateUpdated": "2024-08-07T15:54:26.885Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4864

Vulnerability from cvelistv5

Published

2007-10-06 21:00

Modified

2024-08-08 00:01

Severity ?

Summary

Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/11390	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY62042	vendor-advisory, x_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17616	vdb-entry, x_refsource_XF
	http://marc.info/?l=bugtraq&m=110495092105541&w=2	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/12733/	third-party-advisory, x_refsource_SECUNIA
	http://www.ngssoftware.com/advisories/db205012005B.txt	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:01:23.431Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "11390",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11390"
          },
          {
            "name": "IY62042",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY62042"
          },
          {
            "name": "db2-db2lport-bo(17616)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17616"
          },
          {
            "name": "20050105 IBM DB2 libdb2.so buffer overflow (#NISR05012005B)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110495092105541\u0026w=2"
          },
          {
            "name": "12733",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12733/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ngssoftware.com/advisories/db205012005B.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "11390",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11390"
        },
        {
          "name": "IY62042",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY62042"
        },
        {
          "name": "db2-db2lport-bo(17616)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17616"
        },
        {
          "name": "20050105 IBM DB2 libdb2.so buffer overflow (#NISR05012005B)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110495092105541\u0026w=2"
        },
        {
          "name": "12733",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12733/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ngssoftware.com/advisories/db205012005B.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4864",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "11390",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11390"
            },
            {
              "name": "IY62042",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY62042"
            },
            {
              "name": "db2-db2lport-bo(17616)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17616"
            },
            {
              "name": "20050105 IBM DB2 libdb2.so buffer overflow (#NISR05012005B)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110495092105541\u0026w=2"
            },
            {
              "name": "12733",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12733/"
            },
            {
              "name": "http://www.ngssoftware.com/advisories/db205012005B.txt",
              "refsource": "MISC",
              "url": "http://www.ngssoftware.com/advisories/db205012005B.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4864",
    "datePublished": "2007-10-06T21:00:00",
    "dateReserved": "2007-10-06T00:00:00",
    "dateUpdated": "2024-08-08T00:01:23.431Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-3960

Vulnerability from cvelistv5

Published

2008-09-09 14:00

Modified

2024-08-07 10:00

Severity ?

Summary

Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (service crash) via "malicious packets."

References

▼	URL	Tags
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/31058	vdb-entry, x_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg21318189	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274	vendor-advisory, x_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilities/44984	vdb-entry, x_refsource_XF
	http://www.securitytracker.com/id?1020826	vdb-entry, x_refsource_SECTRACK
	http://osvdb.org/48148	vdb-entry, x_refsource_OSVDB
	http://secunia.com/advisories/31787	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:00:41.931Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
          },
          {
            "name": "31058",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31058"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21318189"
          },
          {
            "name": "JR29274",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274"
          },
          {
            "name": "db2-db2jds-dos(44984)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44984"
          },
          {
            "name": "1020826",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020826"
          },
          {
            "name": "48148",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/48148"
          },
          {
            "name": "31787",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31787"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-09-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (service crash) via \"malicious packets.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
        },
        {
          "name": "31058",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31058"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21318189"
        },
        {
          "name": "JR29274",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274"
        },
        {
          "name": "db2-db2jds-dos(44984)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44984"
        },
        {
          "name": "1020826",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020826"
        },
        {
          "name": "48148",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/48148"
        },
        {
          "name": "31787",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31787"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3960",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (service crash) via \"malicious packets.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
            },
            {
              "name": "31058",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31058"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21318189",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21318189"
            },
            {
              "name": "JR29274",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274"
            },
            {
              "name": "db2-db2jds-dos(44984)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44984"
            },
            {
              "name": "1020826",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020826"
            },
            {
              "name": "48148",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/48148"
            },
            {
              "name": "31787",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31787"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3960",
    "datePublished": "2008-09-09T14:00:00",
    "dateReserved": "2008-09-09T00:00:00",
    "dateUpdated": "2024-08-07T10:00:41.931Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-1086

Vulnerability from cvelistv5

Published

2007-02-23 22:00

Modified

2024-08-07 12:43

Severity ?

Summary

Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access."

References

▼	URL	Tags
	http://www.attrition.org/pipermail/vim/2007-August/001765.html	mailing-list, x_refsource_VIM
	http://www-1.ibm.com/support/docview.wss?uid=swg21255747	vendor-advisory, x_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilities/32650	vdb-entry, x_refsource_XF
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481	third-party-advisory, x_refsource_IDEFENSE
	http://www.securityfocus.com/bid/22677	vdb-entry, x_refsource_BID
	http://osvdb.org/40969	vdb-entry, x_refsource_OSVDB

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T12:43:22.469Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20070818 Recent DB2 Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
          },
          {
            "name": "IY94833",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255747"
          },
          {
            "name": "db2-setuid-privilege-escalation(32650)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32650"
          },
          {
            "name": "20070222 IBM DB2 Universal Database Multiple Privilege Escalation Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481"
          },
          {
            "name": "22677",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/22677"
          },
          {
            "name": "40969",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/40969"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-02-22T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to \"unsafe file access.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20070818 Recent DB2 Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
        },
        {
          "name": "IY94833",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255747"
        },
        {
          "name": "db2-setuid-privilege-escalation(32650)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32650"
        },
        {
          "name": "20070222 IBM DB2 Universal Database Multiple Privilege Escalation Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481"
        },
        {
          "name": "22677",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/22677"
        },
        {
          "name": "40969",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/40969"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-1086",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to \"unsafe file access.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20070818 Recent DB2 Vulnerabilities",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
            },
            {
              "name": "IY94833",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255747"
            },
            {
              "name": "db2-setuid-privilege-escalation(32650)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32650"
            },
            {
              "name": "20070222 IBM DB2 Universal Database Multiple Privilege Escalation Vulnerabilities",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=481"
            },
            {
              "name": "22677",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/22677"
            },
            {
              "name": "40969",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/40969"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-1086",
    "datePublished": "2007-02-23T22:00:00",
    "dateReserved": "2007-02-23T00:00:00",
    "dateUpdated": "2024-08-07T12:43:22.469Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4740

Vulnerability from cvelistv5

Published

2006-03-19 23:00

Modified

2024-09-16 20:07

Severity ?

Summary

IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by "connecting from a downlevel client."

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg1JR21329	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/15126	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/17031	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:53:28.945Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "JR21329",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR21329"
          },
          {
            "name": "15126",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15126"
          },
          {
            "name": "17031",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17031"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by \"connecting from a downlevel client.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-03-19T23:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "JR21329",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR21329"
        },
        {
          "name": "15126",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15126"
        },
        {
          "name": "17031",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17031"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4740",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by \"connecting from a downlevel client.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JR21329",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR21329"
            },
            {
              "name": "15126",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15126"
            },
            {
              "name": "17031",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17031"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4740",
    "datePublished": "2006-03-19T23:00:00Z",
    "dateReserved": "2006-03-19T00:00:00Z",
    "dateUpdated": "2024-09-16T20:07:45.658Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0837

Vulnerability from cvelistv5

Published

2003-10-08 04:00

Modified

2024-08-08 02:05

Severity ?

Summary

Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with "Connect" privileges to execute arbitrary code via the INVOKE command.

References

▼	URL	Tags
	http://www.securityfocus.com/bid/8743	vdb-entry, x_refsource_BID
	http://marc.info/?l=bugtraq&m=106503709914622&w=2	mailing-list, x_refsource_BUGTRAQ
	https://exchange.xforce.ibmcloud.com/vulnerabilities/13331	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:05:12.551Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "8743",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/8743"
          },
          {
            "name": "20031001 ptl-2003-02: IBM DB2 INVOKE Command Stack Overflow Vulnerability",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=106503709914622\u0026w=2"
          },
          {
            "name": "db2-invoke-bo(13331)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13331"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-10-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with \"Connect\" privileges to execute arbitrary code via the INVOKE command."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "8743",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/8743"
        },
        {
          "name": "20031001 ptl-2003-02: IBM DB2 INVOKE Command Stack Overflow Vulnerability",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=106503709914622\u0026w=2"
        },
        {
          "name": "db2-invoke-bo(13331)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13331"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0837",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with \"Connect\" privileges to execute arbitrary code via the INVOKE command."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "8743",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/8743"
            },
            {
              "name": "20031001 ptl-2003-02: IBM DB2 INVOKE Command Stack Overflow Vulnerability",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=106503709914622\u0026w=2"
            },
            {
              "name": "db2-invoke-bo(13331)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13331"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0837",
    "datePublished": "2003-10-08T04:00:00",
    "dateReserved": "2003-09-29T00:00:00",
    "dateUpdated": "2024-08-08T02:05:12.551Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4739

Vulnerability from cvelistv5

Published

2006-03-19 23:00

Modified

2024-09-16 22:14

Severity ?

Summary

IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s050811) allows remote authenticated users to cause a denial of service (application crash) by using a table function for an instance of snapshot_tbreorg, which triggers a trap in sqlnr_EStoE_action.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY72588	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/15126	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/17031	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T23:53:29.008Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IY72588",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY72588"
          },
          {
            "name": "15126",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/15126"
          },
          {
            "name": "17031",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/17031"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s050811) allows remote authenticated users to cause a denial of service (application crash) by using a table function for an instance of snapshot_tbreorg, which triggers a trap in sqlnr_EStoE_action."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-03-19T23:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "IY72588",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY72588"
        },
        {
          "name": "15126",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/15126"
        },
        {
          "name": "17031",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/17031"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4739",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s050811) allows remote authenticated users to cause a denial of service (application crash) by using a table function for an instance of snapshot_tbreorg, which triggers a trap in sqlnr_EStoE_action."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IY72588",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY72588"
            },
            {
              "name": "15126",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/15126"
            },
            {
              "name": "17031",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/17031"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4739",
    "datePublished": "2006-03-19T23:00:00Z",
    "dateReserved": "2006-03-19T00:00:00Z",
    "dateUpdated": "2024-09-16T22:14:23.201Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-4270

Vulnerability from cvelistv5

Published

2007-08-18 21:00

Modified

2024-08-07 14:46

Severity ?

Summary

Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain root privileges via a symlink attack on certain files.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www.attrition.org/pipermail/vim/2007-August/001765.html	mailing-list, x_refsource_VIM
	http://www.vupen.com/english/advisories/2007/2912	vdb-entry, x_refsource_VUPEN
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=578	third-party-advisory, x_refsource_IDEFENSE
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210	vendor-advisory, x_refsource_AIXAPAR
	http://www.securityfocus.com/bid/25339	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg21255352	x_refsource_CONFIRM
	http://securitytracker.com/id?1018581	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/26471	third-party-advisory, x_refsource_SECUNIA
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261	vendor-advisory, x_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilities/36069	vdb-entry, x_refsource_XF

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T14:46:39.528Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "20070818 Recent DB2 Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VIM",
              "x_transferred"
            ],
            "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
          },
          {
            "name": "ADV-2007-2912",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2912"
          },
          {
            "name": "20070816 IBM DB2 Universal Database Multiple Race Condition Vulnerabilities",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=578"
          },
          {
            "name": "IY98210",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210"
          },
          {
            "name": "25339",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/25339"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
          },
          {
            "name": "1018581",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018581"
          },
          {
            "name": "26471",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26471"
          },
          {
            "name": "IY99261",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261"
          },
          {
            "name": "db2-binaries-symlink(36069)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36069"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-08-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain root privileges via a symlink attack on certain files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "20070818 Recent DB2 Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VIM"
          ],
          "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
        },
        {
          "name": "ADV-2007-2912",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2912"
        },
        {
          "name": "20070816 IBM DB2 Universal Database Multiple Race Condition Vulnerabilities",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=578"
        },
        {
          "name": "IY98210",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210"
        },
        {
          "name": "25339",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/25339"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
        },
        {
          "name": "1018581",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018581"
        },
        {
          "name": "26471",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26471"
        },
        {
          "name": "IY99261",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261"
        },
        {
          "name": "db2-binaries-symlink(36069)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36069"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4270",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain root privileges via a symlink attack on certain files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "20070818 Recent DB2 Vulnerabilities",
              "refsource": "VIM",
              "url": "http://www.attrition.org/pipermail/vim/2007-August/001765.html"
            },
            {
              "name": "ADV-2007-2912",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2912"
            },
            {
              "name": "20070816 IBM DB2 Universal Database Multiple Race Condition Vulnerabilities",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=578"
            },
            {
              "name": "IY98210",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY98210"
            },
            {
              "name": "25339",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/25339"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255352"
            },
            {
              "name": "1018581",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018581"
            },
            {
              "name": "26471",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26471"
            },
            {
              "name": "IY99261",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY99261"
            },
            {
              "name": "db2-binaries-symlink(36069)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36069"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4270",
    "datePublished": "2007-08-18T21:00:00",
    "dateReserved": "2007-08-09T00:00:00",
    "dateUpdated": "2024-08-07T14:46:39.528Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2001-0052

Vulnerability from cvelistv5

Published

2001-02-02 05:00

Modified

2024-08-08 04:06

Severity ?

Summary

IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/5664	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/2067	vdb-entry, x_refsource_BID
	http://www.securityfocus.com/archive/1/149207	mailing-list, x_refsource_BUGTRAQ

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:06:54.689Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-db2-dos(5664)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5664"
          },
          {
            "name": "2067",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/2067"
          },
          {
            "name": "20001205 IBM DB2 SQL DOS",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/149207"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2000-12-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-18T21:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ibm-db2-dos(5664)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5664"
        },
        {
          "name": "2067",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/2067"
        },
        {
          "name": "20001205 IBM DB2 SQL DOS",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/149207"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-0052",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 Universal Database version 6.1 allows users to cause a denial of service via a malformed query."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-db2-dos(5664)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5664"
            },
            {
              "name": "2067",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/2067"
            },
            {
              "name": "20001205 IBM DB2 SQL DOS",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/149207"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-0052",
    "datePublished": "2001-02-02T05:00:00",
    "dateReserved": "2001-02-01T00:00:00",
    "dateUpdated": "2024-08-08T04:06:54.689Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-3856

Vulnerability from cvelistv5

Published

2008-08-28 17:00

Modified

2024-08-07 09:53

Severity ?

Summary

The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors.

References

▼	URL	Tags
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/31058	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352	vendor-advisory, x_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilities/45140	vdb-entry, x_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155	vendor-advisory, x_refsource_AIXAPAR
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/29601	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/31787	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/29784	third-party-advisory, x_refsource_SECUNIA

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.414Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
          },
          {
            "name": "31058",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31058"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "IZ20352",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352"
          },
          {
            "name": "ibm-db2-infrastructure-unspecified(45140)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45140"
          },
          {
            "name": "IZ19155",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
          },
          {
            "name": "29601",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29601"
          },
          {
            "name": "IZ20350",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350"
          },
          {
            "name": "31787",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31787"
          },
          {
            "name": "29784",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29784"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
        },
        {
          "name": "31058",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31058"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "IZ20352",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352"
        },
        {
          "name": "ibm-db2-infrastructure-unspecified(45140)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45140"
        },
        {
          "name": "IZ19155",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
        },
        {
          "name": "29601",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29601"
        },
        {
          "name": "IZ20350",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350"
        },
        {
          "name": "31787",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31787"
        },
        {
          "name": "29784",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29784"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3856",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
            },
            {
              "name": "31058",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31058"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "IZ20352",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352"
            },
            {
              "name": "ibm-db2-infrastructure-unspecified(45140)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45140"
            },
            {
              "name": "IZ19155",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
            },
            {
              "name": "29601",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29601"
            },
            {
              "name": "IZ20350",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350"
            },
            {
              "name": "31787",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31787"
            },
            {
              "name": "29784",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29784"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3856",
    "datePublished": "2008-08-28T17:00:00",
    "dateReserved": "2008-08-28T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.414Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-6051

Vulnerability from cvelistv5

Published

2007-11-20 20:00

Modified

2024-08-07 15:54

Severity ?

Summary

IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1) DB2ADMNS and (2) DB2USERS alternative groups, which has unknown impact. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://osvdb.org/41011	vdb-entry, x_refsource_OSVDB
	http://www-1.ibm.com/support/docview.wss?uid=swg1JR26854	vendor-advisory, x_refsource_AIXAPAR
	http://www.vupen.com/english/advisories/2007/3867	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/26450	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:54:27.086Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "41011",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/41011"
          },
          {
            "name": "JR26854",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR26854"
          },
          {
            "name": "ADV-2007-3867",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3867"
          },
          {
            "name": "26450",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26450"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1) DB2ADMNS and (2) DB2USERS alternative groups, which has unknown impact.  NOTE: the vendor description of this issue is too vague to be certain that it is security-related."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-02-26T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "41011",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/41011"
        },
        {
          "name": "JR26854",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR26854"
        },
        {
          "name": "ADV-2007-3867",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3867"
        },
        {
          "name": "26450",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26450"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6051",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1) DB2ADMNS and (2) DB2USERS alternative groups, which has unknown impact.  NOTE: the vendor description of this issue is too vague to be certain that it is security-related."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "41011",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/41011"
            },
            {
              "name": "JR26854",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR26854"
            },
            {
              "name": "ADV-2007-3867",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3867"
            },
            {
              "name": "26450",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26450"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6051",
    "datePublished": "2007-11-20T20:00:00",
    "dateReserved": "2007-11-20T00:00:00",
    "dateUpdated": "2024-08-07T15:54:27.086Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2010-3739

Vulnerability from cvelistv5

Published

2010-10-05 17:00

Modified

2024-09-16 17:14

Severity ?

Summary

The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218	vendor-advisory, x_refsource_AIXAPAR
	ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:18:53.198Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "JR34218",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-10-05T17:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "JR34218",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-3739",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JR34218",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218"
            },
            {
              "name": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-3739",
    "datePublished": "2010-10-05T17:00:00Z",
    "dateReserved": "2010-10-05T00:00:00Z",
    "dateUpdated": "2024-09-16T17:14:29.509Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-6050

Vulnerability from cvelistv5

Published

2007-11-20 20:00

Modified

2024-08-07 15:54

Severity ?

Summary

Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, related to creation of an "insecure directory."

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03881	vendor-advisory, x_refsource_AIXAPAR
	http://www.vupen.com/english/advisories/2007/3867	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/26450	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:54:26.370Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "IZ03881",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03881"
          },
          {
            "name": "ADV-2007-3867",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3867"
          },
          {
            "name": "26450",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26450"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-11-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, related to creation of an \"insecure directory.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-02-26T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "IZ03881",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03881"
        },
        {
          "name": "ADV-2007-3867",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3867"
        },
        {
          "name": "26450",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26450"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-6050",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, related to creation of an \"insecure directory.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "IZ03881",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ03881"
            },
            {
              "name": "ADV-2007-3867",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3867"
            },
            {
              "name": "26450",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26450"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-6050",
    "datePublished": "2007-11-20T20:00:00",
    "dateReserved": "2007-11-20T00:00:00",
    "dateUpdated": "2024-08-07T15:54:26.370Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0758

Vulnerability from cvelistv5

Published

2003-09-19 04:00

Modified

2024-08-08 02:05

Severity ?

Summary

Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before Fixpak 10 allows local users to gain root privileges via a long command line argument.

References

▼	URL	Tags
	http://www.ciac.org/ciac/bulletins/n-154.shtml	third-party-advisory, government-resource, x_refsource_CIAC
	http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html	mailing-list, x_refsource_VULNWATCH
	https://exchange.xforce.ibmcloud.com/vulnerabilities/13218	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/8552	vdb-entry, x_refsource_BID
	http://marc.info/?l=bugtraq&m=106389919618721&w=2	mailing-list, x_refsource_BUGTRAQ
	http://www.coresecurity.com/common/showdoc.php?idx=366&idxseccion=10	x_refsource_MISC

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:05:12.550Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "N-154",
            "tags": [
              "third-party-advisory",
              "government-resource",
              "x_refsource_CIAC",
              "x_transferred"
            ],
            "url": "http://www.ciac.org/ciac/bulletins/n-154.shtml"
          },
          {
            "name": "20030918 CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_VULNWATCH",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html"
          },
          {
            "name": "ibm-db2-db2dart-bo(13218)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13218"
          },
          {
            "name": "8552",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/8552"
          },
          {
            "name": "20030918 CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=106389919618721\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.coresecurity.com/common/showdoc.php?idx=366\u0026idxseccion=10"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-09-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before Fixpak 10 allows local users to gain root privileges via a long command line argument."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "N-154",
          "tags": [
            "third-party-advisory",
            "government-resource",
            "x_refsource_CIAC"
          ],
          "url": "http://www.ciac.org/ciac/bulletins/n-154.shtml"
        },
        {
          "name": "20030918 CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_VULNWATCH"
          ],
          "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html"
        },
        {
          "name": "ibm-db2-db2dart-bo(13218)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13218"
        },
        {
          "name": "8552",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/8552"
        },
        {
          "name": "20030918 CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=106389919618721\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.coresecurity.com/common/showdoc.php?idx=366\u0026idxseccion=10"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0758",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before Fixpak 10 allows local users to gain root privileges via a long command line argument."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "N-154",
              "refsource": "CIAC",
              "url": "http://www.ciac.org/ciac/bulletins/n-154.shtml"
            },
            {
              "name": "20030918 CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities",
              "refsource": "VULNWATCH",
              "url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0114.html"
            },
            {
              "name": "ibm-db2-db2dart-bo(13218)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13218"
            },
            {
              "name": "8552",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/8552"
            },
            {
              "name": "20030918 CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=106389919618721\u0026w=2"
            },
            {
              "name": "http://www.coresecurity.com/common/showdoc.php?idx=366\u0026idxseccion=10",
              "refsource": "MISC",
              "url": "http://www.coresecurity.com/common/showdoc.php?idx=366\u0026idxseccion=10"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0758",
    "datePublished": "2003-09-19T04:00:00",
    "dateReserved": "2003-09-04T00:00:00",
    "dateUpdated": "2024-08-08T02:05:12.550Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2005-4867

Vulnerability from cvelistv5

Published

2007-10-06 21:00

Modified

2024-08-08 00:01

Severity ?

Summary

Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter.

References

▼	URL	Tags
	http://www.ngssoftware.com/advisories/db205012005E.txt	x_refsource_MISC
	http://www.securityfocus.com/bid/11396	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/search.wss?rs=0&q=IY62040&apar=only	vendor-advisory, x_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilities/17612	vdb-entry, x_refsource_XF
	http://secunia.com/advisories/12733/	third-party-advisory, x_refsource_SECUNIA
	http://www-1.ibm.com/support/docview.wss?uid=swg21181228	x_refsource_CONFIRM
	http://marc.info/?l=bugtraq&m=110495332301120&w=2	mailing-list, x_refsource_BUGTRAQ

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:01:23.302Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.ngssoftware.com/advisories/db205012005E.txt"
          },
          {
            "name": "11396",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/11396"
          },
          {
            "name": "IY62040",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY62040\u0026apar=only"
          },
          {
            "name": "db2-satadmin-bo(17612)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17612"
          },
          {
            "name": "12733",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/12733/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
          },
          {
            "name": "20050105 IBM DB2 SATADMIN.SATENCRYPT buffer overflow (#NISR05012005E)",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=110495332301120\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2005-01-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.ngssoftware.com/advisories/db205012005E.txt"
        },
        {
          "name": "11396",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/11396"
        },
        {
          "name": "IY62040",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY62040\u0026apar=only"
        },
        {
          "name": "db2-satadmin-bo(17612)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17612"
        },
        {
          "name": "12733",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/12733/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
        },
        {
          "name": "20050105 IBM DB2 SATADMIN.SATENCRYPT buffer overflow (#NISR05012005E)",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=110495332301120\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2005-4867",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.ngssoftware.com/advisories/db205012005E.txt",
              "refsource": "MISC",
              "url": "http://www.ngssoftware.com/advisories/db205012005E.txt"
            },
            {
              "name": "11396",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/11396"
            },
            {
              "name": "IY62040",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY62040\u0026apar=only"
            },
            {
              "name": "db2-satadmin-bo(17612)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17612"
            },
            {
              "name": "12733",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/12733/"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21181228"
            },
            {
              "name": "20050105 IBM DB2 SATADMIN.SATENCRYPT buffer overflow (#NISR05012005E)",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=110495332301120\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2005-4867",
    "datePublished": "2007-10-06T21:00:00",
    "dateReserved": "2007-10-06T00:00:00",
    "dateUpdated": "2024-08-08T00:01:23.302Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2006-6638

Vulnerability from cvelistv5

Published

2006-12-19 20:00

Modified

2024-09-16 22:51

Severity ?

Summary

IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg1IY91847	vendor-advisory, x_refsource_AIXAPAR
	http://www.appsecinc.com/resources/alerts/db2/2006-11-30.shtml	x_refsource_MISC
	http://secunia.com/advisories/23397	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/21646	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T20:33:59.740Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IY91847",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY91847"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.appsecinc.com/resources/alerts/db2/2006-11-30.shtml"
          },
          {
            "name": "23397",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23397"
          },
          {
            "name": "21646",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/21646"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2006-12-19T20:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "IY91847",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY91847"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.appsecinc.com/resources/alerts/db2/2006-11-30.shtml"
        },
        {
          "name": "23397",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/23397"
        },
        {
          "name": "21646",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/21646"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-6638",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IY91847",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IY91847"
            },
            {
              "name": "http://www.appsecinc.com/resources/alerts/db2/2006-11-30.shtml",
              "refsource": "MISC",
              "url": "http://www.appsecinc.com/resources/alerts/db2/2006-11-30.shtml"
            },
            {
              "name": "23397",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/23397"
            },
            {
              "name": "21646",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/21646"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-6638",
    "datePublished": "2006-12-19T20:00:00Z",
    "dateReserved": "2006-12-19T00:00:00Z",
    "dateUpdated": "2024-09-16T22:51:17.814Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-1049

Vulnerability from cvelistv5

Published

2004-08-20 04:00

Modified

2024-08-08 02:12

Severity ?

Summary

IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/14030	vdb-entry, x_refsource_XF
	http://www.securityfocus.com/bid/9243	vdb-entry, x_refsource_BID
	http://www-1.ibm.com/support/search.wss?rs=0&q=IY44841&apar=only	vendor-advisory, x_refsource_AIXAPAR
	http://www-1.ibm.com/support/search.wss?rs=0&q=IY44842&apar=only	vendor-advisory, x_refsource_AIXAPAR

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:12:35.782Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "db2-dms-insecure-permissions(14030)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14030"
          },
          {
            "name": "9243",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/9243"
          },
          {
            "name": "IY44841",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY44841\u0026apar=only"
          },
          {
            "name": "IY44842",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY44842\u0026apar=only"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-11-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "db2-dms-insecure-permissions(14030)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14030"
        },
        {
          "name": "9243",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/9243"
        },
        {
          "name": "IY44841",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY44841\u0026apar=only"
        },
        {
          "name": "IY44842",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY44842\u0026apar=only"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-1049",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "db2-dms-insecure-permissions(14030)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14030"
            },
            {
              "name": "9243",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/9243"
            },
            {
              "name": "IY44841",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY44841\u0026apar=only"
            },
            {
              "name": "IY44842",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/search.wss?rs=0\u0026q=IY44842\u0026apar=only"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-1049",
    "datePublished": "2004-08-20T04:00:00",
    "dateReserved": "2004-08-19T00:00:00",
    "dateUpdated": "2024-08-08T02:12:35.782Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2008-3857

Vulnerability from cvelistv5

Published

2008-08-28 17:00

Modified

2024-08-07 09:53

Severity ?

Summary

The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 retains a cleartext password in memory after the database connection that sent the password is fully established, which might allow local users to obtain sensitive information by reading a memory dump.

References

▼	URL	Tags
	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilities/45139	vdb-entry, x_refsource_XF
	http://www-1.ibm.com/support/docview.wss?uid=swg1JR27422	vendor-advisory, x_refsource_AIXAPAR
	http://www.vupen.com/english/advisories/2008/1769	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/29601	vdb-entry, x_refsource_BID

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.417Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "ibm-db2-baseservices-info-disclosure(45139)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45139"
          },
          {
            "name": "JR27422",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR27422"
          },
          {
            "name": "ADV-2008-1769",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1769"
          },
          {
            "name": "29601",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29601"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 retains a cleartext password in memory after the database connection that sent the password is fully established, which might allow local users to obtain sensitive information by reading a memory dump."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "ibm-db2-baseservices-info-disclosure(45139)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45139"
        },
        {
          "name": "JR27422",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR27422"
        },
        {
          "name": "ADV-2008-1769",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1769"
        },
        {
          "name": "29601",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29601"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3857",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 retains a cleartext password in memory after the database connection that sent the password is fully established, which might allow local users to obtain sensitive information by reading a memory dump."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "ibm-db2-baseservices-info-disclosure(45139)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45139"
            },
            {
              "name": "JR27422",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR27422"
            },
            {
              "name": "ADV-2008-1769",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1769"
            },
            {
              "name": "29601",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29601"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3857",
    "datePublished": "2008-08-28T17:00:00",
    "dateReserved": "2008-08-28T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.417Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-4150

Vulnerability from cvelistv5

Published

2009-12-02 11:00

Modified

2024-09-16 23:35

Severity ?

Summary

dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors.

References

▼	URL	Tags
	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759	vendor-advisory, x_refsource_AIXAPAR
	http://secunia.com/advisories/36890	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg21403619	x_refsource_CONFIRM
	http://securitytracker.com/id?1023242	vdb-entry, x_refsource_SECTRACK
	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340	vendor-advisory, x_refsource_AIXAPAR
	http://www.vupen.com/english/advisories/2009/3340	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/37454	third-party-advisory, x_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352	vendor-advisory, x_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg21386689	x_refsource_CONFIRM

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:54:09.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IZ40343",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343"
          },
          {
            "name": "IC64759",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759"
          },
          {
            "name": "36890",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36890"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403619"
          },
          {
            "name": "1023242",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023242"
          },
          {
            "name": "IZ40340",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340"
          },
          {
            "name": "ADV-2009-3340",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3340"
          },
          {
            "name": "37454",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37454"
          },
          {
            "name": "IZ40352",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21386689"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-12-02T11:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "IZ40343",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343"
        },
        {
          "name": "IC64759",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759"
        },
        {
          "name": "36890",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36890"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403619"
        },
        {
          "name": "1023242",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023242"
        },
        {
          "name": "IZ40340",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340"
        },
        {
          "name": "ADV-2009-3340",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3340"
        },
        {
          "name": "37454",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37454"
        },
        {
          "name": "IZ40352",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21386689"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4150",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IZ40343",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343"
            },
            {
              "name": "IC64759",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759"
            },
            {
              "name": "36890",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36890"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21403619",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403619"
            },
            {
              "name": "1023242",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023242"
            },
            {
              "name": "IZ40340",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340"
            },
            {
              "name": "ADV-2009-3340",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/3340"
            },
            {
              "name": "37454",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37454"
            },
            {
              "name": "IZ40352",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21386689",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21386689"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-4150",
    "datePublished": "2009-12-02T11:00:00Z",
    "dateReserved": "2009-12-02T00:00:00Z",
    "dateUpdated": "2024-09-16T23:35:40.423Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2007-5758

Vulnerability from cvelistv5

Published

2008-04-16 18:00

Modified

2024-08-07 15:39

Severity ?

Summary

Stack-based buffer overflow in db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to execute arbitrary code via a long DASPROF environment variable.

References

▼	URL	Tags
	https://exchange.xforce.ibmcloud.com/vulnerabilities/41847	vdb-entry, x_refsource_XF
	http://www.securitytracker.com/id?1019853	vdb-entry, x_refsource_SECTRACK
	http://secunia.com/advisories/29784	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2008/1237/references	vdb-entry, x_refsource_VUPEN
	http://www.securityfocus.com/bid/27870	vdb-entry, x_refsource_BID
	http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=689	third-party-advisory, x_refsource_IDEFENSE

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:39:13.927Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "ibm-db2-db2dasrrm-dasprof-bo(41847)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41847"
          },
          {
            "name": "1019853",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1019853"
          },
          {
            "name": "29784",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29784"
          },
          {
            "name": "ADV-2008-1237",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1237/references"
          },
          {
            "name": "27870",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/27870"
          },
          {
            "name": "20080415 IBM DB2 Universal Database db2dasStartStopFMDaemon Buffer Overflow Vulnerability",
            "tags": [
              "third-party-advisory",
              "x_refsource_IDEFENSE",
              "x_transferred"
            ],
            "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=689"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-04-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Stack-based buffer overflow in db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to execute arbitrary code via a long DASPROF environment variable."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "ibm-db2-db2dasrrm-dasprof-bo(41847)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41847"
        },
        {
          "name": "1019853",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1019853"
        },
        {
          "name": "29784",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29784"
        },
        {
          "name": "ADV-2008-1237",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1237/references"
        },
        {
          "name": "27870",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/27870"
        },
        {
          "name": "20080415 IBM DB2 Universal Database db2dasStartStopFMDaemon Buffer Overflow Vulnerability",
          "tags": [
            "third-party-advisory",
            "x_refsource_IDEFENSE"
          ],
          "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=689"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5758",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Stack-based buffer overflow in db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to execute arbitrary code via a long DASPROF environment variable."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ibm-db2-db2dasrrm-dasprof-bo(41847)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/41847"
            },
            {
              "name": "1019853",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1019853"
            },
            {
              "name": "29784",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29784"
            },
            {
              "name": "ADV-2008-1237",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1237/references"
            },
            {
              "name": "27870",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/27870"
            },
            {
              "name": "20080415 IBM DB2 Universal Database db2dasStartStopFMDaemon Buffer Overflow Vulnerability",
              "refsource": "IDEFENSE",
              "url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=689"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5758",
    "datePublished": "2008-04-16T18:00:00",
    "dateReserved": "2007-10-31T00:00:00",
    "dateUpdated": "2024-08-07T15:39:13.927Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

All the vulnerabilites related to ibm - db2_universal_database

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

Vulnerability from fkie_nvd

cve-2008-3855

Vulnerability from cvelistv5

cve-2007-4418

Vulnerability from cvelistv5

cve-2007-6049

Vulnerability from cvelistv5

cve-2004-1372

Vulnerability from cvelistv5

cve-2007-5664

Vulnerability from cvelistv5

cve-2002-1583

Vulnerability from cvelistv5