Filtered by vendor Ibm Subscriptions
Filtered by product Db2 Universal Database Subscriptions
Total 67 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2005-4867 1 Ibm 1 Db2 Universal Database 2024-11-21 N/A
Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter.
CVE-2005-4866 1 Ibm 1 Db2 Universal Database 2024-11-21 N/A
Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow.
CVE-2005-4865 1 Ibm 1 Db2 Universal Database 2024-11-21 N/A
Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname.
CVE-2005-4864 1 Ibm 1 Db2 Universal Database 2024-11-21 N/A
Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable.
CVE-2005-4863 1 Ibm 1 Db2 Universal Database 2024-11-21 N/A
Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter.
CVE-2005-4740 1 Ibm 1 Db2 Universal Database 2024-11-21 N/A
IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by "connecting from a downlevel client."
CVE-2005-4739 1 Ibm 1 Db2 Universal Database 2024-11-21 N/A
IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s050811) allows remote authenticated users to cause a denial of service (application crash) by using a table function for an instance of snapshot_tbreorg, which triggers a trap in sqlnr_EStoE_action.
CVE-2005-4738 1 Ibm 1 Db2 Universal Database 2024-11-21 N/A
IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges.
CVE-2005-4737 1 Ibm 1 Db2 Universal Database 2024-11-21 N/A
IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by "abnormally" terminating a connection, which prevents db2agents from being properly cleared.
CVE-2005-4736 1 Ibm 1 Db2 Universal Database 2024-11-21 N/A
IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks.
CVE-2005-4735 1 Ibm 1 Db2 Universal Database 2024-11-21 N/A
IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817.
CVE-2005-3643 1 Ibm 1 Db2 Universal Database 2024-11-21 N/A
IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password.
CVE-2005-0417 1 Ibm 1 Db2 Universal Database 2024-11-20 N/A
Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vendor.
CVE-2004-1372 1 Ibm 1 Db2 Universal Database 2024-11-20 N/A
Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure.
CVE-2004-0795 1 Ibm 1 Db2 Universal Database 2024-11-20 N/A
DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe.
CVE-2003-1052 1 Ibm 2 Db2, Db2 Universal Database 2024-11-20 N/A
IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs.
CVE-2003-1049 1 Ibm 1 Db2 Universal Database 2024-11-20 N/A
IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files.
CVE-2003-0898 1 Ibm 1 Db2 Universal Database 2024-11-20 N/A
IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2.
CVE-2003-0837 1 Ibm 1 Db2 Universal Database 2024-11-20 N/A
Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with "Connect" privileges to execute arbitrary code via the INVOKE command.
CVE-2003-0836 1 Ibm 1 Db2 Universal Database 2024-11-20 N/A
Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD command.