Shodan
Vulnerabilities
Vulnerable Software
Ibm:  >> Db2  Security Vulnerabilities
CVE-2008-0697
Unspecified vulnerability in DB2PD in IBM DB2 UDB before 8.2 Fixpak 16 allows local users to gain root privileges via unspecified vectors.
CVSS Score
7.2
EPSS Score
0.0
Published
2008-02-12
CVE-2008-0698
Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 has unknown attack vectors, and an impact probably involving "invalid memory access."
CVSS Score
7.8
EPSS Score
0.006
Published
2008-02-12
CVE-2008-0699
Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors.
CVSS Score
9.0
EPSS Score
0.067
Published
2008-02-12
CVE-2007-5652
IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.
CVSS Score
7.8
EPSS Score
0.01
Published
2007-10-23
CVE-2007-5090
Unspecified vulnerability in IBM Rational ClearQuest (CQ), when a Microsoft SQL Server or an IBM DB2 database is used, allows attackers to corrupt data via unspecified vectors.
CVSS Score
7.5
EPSS Score
0.01
Published
2007-09-26
CVE-2007-2582
Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to (1) execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via (2) an invalid LANG parameter or (2) a long packet that generates a "MemTree overflow."
CVSS Score
10.0
EPSS Score
0.214
Published
2007-05-10
CVE-2007-1228
IBM DB2 UDB 8.2 before Fixpak 7 (aka fixpack 14), and DB2 9 before Fix Pack 2, on UNIX allows the "fenced" user to access certain unauthorized directories.
CVSS Score
4.4
EPSS Score
0.001
Published
2007-03-02
CVE-2007-1087
IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 does not properly terminate certain input strings, which allows local users to execute arbitrary code via unspecified environment variables that trigger a heap-based buffer overflow.
CVSS Score
7.2
EPSS Score
0.001
Published
2007-02-23
CVE-2007-1088
Stack-based buffer overflow in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allows local users to execute arbitrary code via a long string in unspecified environment variables.
CVSS Score
7.2
EPSS Score
0.001
Published
2007-02-23
CVE-2007-1027
Certain setuid DB2 binaries in IBM DB2 before 9 Fix Pack 2 for Linux and Unix allow local users to overwrite arbitrary files via a symlink attack on the DB2DIAG.LOG temporary file.
CVSS Score
4.4
EPSS Score
0.0
Published
2007-02-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved