Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Db2
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 264 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2009-12-16 | CVE-2009-4331 | The Install component in IBM DB2 9.5 before FP5 and 9.7 before FP1 configures the High Availability (HA) scripts with incorrect file-permission and authorization settings, which has unknown impact and local attack vectors. | Db2 | N/A | ||
| 2009-12-16 | CVE-2009-4330 | Unspecified vulnerability in db2licm in the Engine Utilities component in IBM DB2 9.5 before FP5 has unknown impact and local attack vectors. | Db2 | N/A | ||
| 2009-12-16 | CVE-2009-4329 | Unspecified vulnerability in the Engine Utilities component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (segmentation fault) by modifying the db2ra data stream sent in a request from the Load Utility. | Db2 | N/A | ||
| 2009-12-16 | CVE-2009-4328 | Unspecified vulnerability in the DRDA Services component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (server trap) by calling a SQL stored procedure in unknown circumstances. | Db2 | N/A | ||
| 2009-12-16 | CVE-2009-4327 | The Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1 does not properly validate the size of a memory pool during a creation attempt, which allows attackers to cause a denial of service (memory consumption) via unspecified vectors. | Db2 | N/A | ||
| 2009-12-16 | CVE-2009-4326 | The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature (DPF) is used, produces "repeating" return values, which might allow attackers to defeat protection mechanisms based on randomization by predicting a value. | Db2 | N/A | ||
| 2009-12-16 | CVE-2009-4325 | The Client Interfaces component in IBM DB2 8.2 before FP18, 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not validate an unspecified pointer, which allows attackers to overwrite "external memory" via unknown vectors, related to a missing "check for null pointers." | Db2 | N/A | ||
| 2009-12-02 | CVE-2009-4150 | dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors. | Db2, Db2_universal_database | N/A | ||
| 2009-09-29 | CVE-2009-3473 | IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege for the SET SESSION AUTHORIZATION statement, which has unspecified impact and remote attack vectors. | Db2 | N/A | ||
| 2009-09-29 | CVE-2009-3472 | IBM DB2 8 before FP18, 9.1 before FP8, and 9.5 before FP4 allows remote authenticated users to bypass intended access restrictions, and update, insert, or delete table rows, via unspecified vectors. | Db2 | N/A |