| Max CVSS | 6.9 | Min CVSS | 1.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2007-4423 | 5.0 |
Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument.
|
15-10-2018 - 21:35 | 18-08-2007 - 21:17 | |
| CVE-2007-4273 | 4.6 |
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary directories and execute arbitrary code via a "crafted localized message file" that enables a format string attack, possibly involving the (1) OSSEMEMDBG or
|
29-07-2017 - 01:32 | 18-08-2007 - 21:17 | |
| CVE-2007-4275 | 6.9 |
Multiple untrusted search path vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain privileges via certain vectors related to (1) DB2 instance or FMP startup on Linux and Solaris; (2) exec of executables
|
29-07-2017 - 01:32 | 18-08-2007 - 21:17 | |
| CVE-2007-4418 | 5.5 |
IBM DB2 UDB 8 before Fixpak 15 does not properly check authorization, which allows remote authenticated users with a certain SELECT privilege to have an unknown impact via unspecified vectors. NOTE: this issue is probably related to CVE-2007-1089, b
|
29-07-2017 - 01:32 | 18-08-2007 - 21:17 | |
| CVE-2007-4417 | 6.0 |
IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on methods, which allows remote authenticated users to execute a method after revocation until the routine auth cache is flushed.
|
29-07-2017 - 01:32 | 18-08-2007 - 21:17 | |
| CVE-2007-4272 | 1.9 |
Multiple vulnerabilities in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to create arbitrary files via (1) unspecified vectors where an attacker's umask is honored, (2) /etc/ld.so.preload, (3) certain "cron data file locat
|
29-07-2017 - 01:32 | 18-08-2007 - 21:17 | |
| CVE-2007-4276 | 6.9 |
Stack-based buffer overflow in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows attackers to execute arbitrary code via a long DASPROF and possibly other environment variables, which are copied into the buildDasPaths buffer.
|
29-07-2017 - 01:32 | 18-08-2007 - 21:17 | |
| CVE-2007-4270 | 6.9 |
Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain root privileges via a symlink attack on certain files.
|
29-07-2017 - 01:32 | 18-08-2007 - 21:17 | |
| CVE-2007-4271 | 2.1 |
Directory traversal vulnerability in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allows local users to create arbitrary files via a .. (dot dot) in an unspecified environment variable, which is appended to "/tmp/" and used as a log file.
|
08-03-2011 - 02:58 | 18-08-2007 - 21:17 |