Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Db2_universal_database
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 67 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2006-12-19 | CVE-2006-6638 | IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257. | Db2_universal_database | N/A | ||
| 2006-06-19 | CVE-2006-3068 | IBM DB2 Universal Database (UDB) before 8.2 FixPak 12 allows remote attackers to cause a denial of service (application crash) by sending "incorrect information ... regarding the package name/creator," which leads to a "memory overwrite." | Db2_universal_database | N/A | ||
| 2006-06-19 | CVE-2006-3067 | Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) "long column list" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of values in an IN clause, possibly related to a buffer overflow. | Db2_universal_database | N/A | ||
| 2006-06-19 | CVE-2006-3066 | Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a connection. | Db2_universal_database | N/A | ||
| 2005-12-31 | CVE-2005-4867 | Stack-based buffer overflow in the SATENCRYPT function in IBM DB2 8.1, when Satellite Administration (SATADMIN) is enabled, allows remote attackers to execute arbitrary code via a long parameter. | Db2_universal_database | N/A | ||
| 2005-12-31 | CVE-2005-4866 | Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow. | Db2_universal_database | N/A | ||
| 2005-12-31 | CVE-2005-4865 | Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname. | Db2_universal_database | N/A | ||
| 2005-12-31 | CVE-2005-4864 | Stack-based buffer overflow in libdb2.so in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long DB2LPORT environment variable. | Db2_universal_database | N/A | ||
| 2005-12-31 | CVE-2005-4863 | Stack-based buffer overflow in db2fmp in IBM DB2 7.x and 8.1 allows local users to execute arbitrary code via a long parameter. | Db2_universal_database | N/A | ||
| 2005-12-31 | CVE-2005-4740 | IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by "connecting from a downlevel client." | Db2_universal_database | N/A |