Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Db2_universal_database
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 67 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2005-12-31 | CVE-2005-4739 | IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s050811) allows remote authenticated users to cause a denial of service (application crash) by using a table function for an instance of snapshot_tbreorg, which triggers a trap in sqlnr_EStoE_action. | Db2_universal_database | N/A | ||
| 2005-12-31 | CVE-2005-4738 | IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges. | Db2_universal_database | N/A | ||
| 2005-12-31 | CVE-2005-4737 | IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by "abnormally" terminating a connection, which prevents db2agents from being properly cleared. | Db2_universal_database | N/A | ||
| 2005-12-31 | CVE-2005-4736 | IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks. | Db2_universal_database | N/A | ||
| 2005-12-31 | CVE-2005-4735 | IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817. | Db2_universal_database | N/A | ||
| 2005-11-16 | CVE-2005-3643 | IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password. | Db2_universal_database | N/A | ||
| 2005-04-27 | CVE-2005-0417 | Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vendor. | Db2_universal_database | N/A | ||
| 2004-09-01 | CVE-2004-1372 | Multiple stack-based buffer overflows in IBM DB2 7.x and 8.1 allow local users to execute arbitrary code via (1) a long third argument to the rec2xml function or (2) a long filename argument to the generate_distfile procedure. | Db2_universal_database | N/A | ||
| 2004-10-20 | CVE-2004-0795 | DB2 8.1 remote command server (DB2RCMD.EXE) executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe. | Db2_universal_database | N/A | ||
| 2004-09-28 | CVE-2003-1052 | IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs. | Db2, Db2_universal_database | N/A |