cpe:2.3:a:ibm:db2:9.5:fp5:*:*:*:*:*:*
IBM DB2 9.5 uses world-writable permissions for nodes.reg, which has unspecified impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.25%
Published
2012-03-20
Updated
2018-01-10
Stack-based buffer overflow in the validateUser implementation in the com.ibm.db2.das.core.DasSysCmd function in db2dasrrm in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP3 allows remote attackers to execute arbitrary code via a long username string.
Max CVSS
10.0
EPSS Score
51.64%
Published
2010-10-05
Updated
2017-09-19
Unspecified vulnerability in the DB2STST program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.82%
Published
2010-08-31
Updated
2017-09-19
Multiple unspecified vulnerabilities in bundled stored procedures in the Spatial Extender component in IBM DB2 9.5 before FP5 have unknown impact and remote attack vectors, related to "remote exploits."
Max CVSS
10.0
EPSS Score
0.60%
Published
2009-12-16
Updated
2017-08-17
The Native Managed Provider for .NET component in IBM DB2 8 before FP17, 9.1 before FP6, and 9.5 before FP2, when a definer cannot maintain objects, preserves views and triggers without marking them inoperative or dropping them, which has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.76%
Published
2008-10-22
Updated
2017-08-08
Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors.
Max CVSS
9.0
EPSS Score
2.00%
Published
2008-02-12
Updated
2018-11-01
6 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!