IBM » Db2 Universal Database : Security Vulnerabilities, CVEs, Published In 2007 (Overflow)
Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument.
Max CVSS
5.0
EPSS Score
2.49%
Published
2007-08-18
Updated
2018-10-15
Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer.
Max CVSS
6.9
EPSS Score
0.14%
Published
2007-08-18
Updated
2017-07-29
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or (2) TRC_LOG_FILE environment variable in db2licd (db2licm).
Max CVSS
4.6
EPSS Score
0.04%
Published
2007-08-18
Updated
2017-07-29
3 vulnerabilities found