| Max CVSS | 7.2 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-4331 | 7.2 |
The Install component in IBM DB2 9.5 before FP5 and 9.7 before FP1 configures the High Availability (HA) scripts with incorrect file-permission and authorization settings, which has unknown impact and local attack vectors.
|
07-10-2010 - 05:44 | 16-12-2009 - 18:30 | |
| CVE-2009-4326 | 4.3 |
The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature (DPF) is used, produces "repeating" return values, which might allow attackers to defeat protect
|
29-06-2010 - 04:00 | 16-12-2009 - 18:30 | |
| CVE-2009-4327 | 5.0 |
The Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1 does not properly validate the size of a memory pool during a creation attempt, which allows attackers to cause a denial of service (memory consumption) via unspeci
|
29-06-2010 - 04:00 | 16-12-2009 - 18:30 | |
| CVE-2009-4334 | 4.6 |
The Self Tuning Memory Manager (STMM) component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 uses 0666 permissions for the STMM log file, which allows local users to cause a denial of service or have unspecified other impact by writi
|
29-06-2010 - 04:00 | 16-12-2009 - 18:30 | |
| CVE-2009-4325 | 6.4 |
The Client Interfaces component in IBM DB2 8.2 before FP18, 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not validate an unspecified pointer, which allows attackers to overwrite "external memory" via unknown vectors, related to a missing "
|
29-06-2010 - 04:00 | 16-12-2009 - 18:30 |