Ibm: >> Db2 Universal Database >> 9.0 Security Vulnerabilities
Untrusted search path vulnerability in db2pd in IBM DB2 Universal Database (UDB) 8 before FixPak 16 and 9 before Fix Pack 4 allows local users to gain root privileges via a modified DB2INSTANCE environment variable that points to a malicious library. NOTE: this might be the same issue as CVE-2008-0697.
CVSS Score
6.9
EPSS Score
0.001
Published
2008-02-13
Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument.
CVSS Score
5.0
EPSS Score
0.01
Published
2007-08-18