Max CVSS 10.0 Min CVSS 2.6 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2009-4335 10.0
Multiple unspecified vulnerabilities in bundled stored procedures in the Spatial Extender component in IBM DB2 9.5 before FP5 have unknown impact and remote attack vectors, related to "remote exploits."
17-08-2017 - 01:31 16-12-2009 - 18:30
CVE-2009-1905 2.6
The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous bind are enabled, allows remote attackers to bypass password authentication and establish
17-08-2017 - 01:30 03-06-2009 - 21:00
CVE-2009-4331 7.2
The Install component in IBM DB2 9.5 before FP5 and 9.7 before FP1 configures the High Availability (HA) scripts with incorrect file-permission and authorization settings, which has unknown impact and local attack vectors.
07-10-2010 - 05:44 16-12-2009 - 18:30
CVE-2009-4439 4.0
Unspecified vulnerability in the Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (instance crash) by compiling a SQL query.
29-06-2010 - 04:00 28-12-2009 - 19:30
CVE-2009-4438 6.5
The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a (1) sequence or (2) global-variable object, which allows remote authenticated u
29-06-2010 - 04:00 28-12-2009 - 19:30
CVE-2009-4328 4.0
Unspecified vulnerability in the DRDA Services component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (server trap) by calling a SQL stored procedure in unknown circumstances.
29-06-2010 - 04:00 16-12-2009 - 18:30
CVE-2009-4326 4.3
The RAND scalar function in the Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1, when the Database Partitioning Feature (DPF) is used, produces "repeating" return values, which might allow attackers to defeat protect
29-06-2010 - 04:00 16-12-2009 - 18:30
CVE-2009-4330 7.2
Unspecified vulnerability in db2licm in the Engine Utilities component in IBM DB2 9.5 before FP5 has unknown impact and local attack vectors.
29-06-2010 - 04:00 16-12-2009 - 18:30
CVE-2009-4327 5.0
The Common Code Infrastructure component in IBM DB2 9.5 before FP5 and 9.7 before FP1 does not properly validate the size of a memory pool during a creation attempt, which allows attackers to cause a denial of service (memory consumption) via unspeci
29-06-2010 - 04:00 16-12-2009 - 18:30
CVE-2009-4332 5.0
db2pd in the Problem Determination component in IBM DB2 9.1 before FP7 and 9.5 before FP5 allows attackers to cause a denial of service (NULL pointer dereference and application termination) via unspecified vectors. Per: http://cwe.mitre.org/data/def
29-06-2010 - 04:00 16-12-2009 - 18:30
CVE-2009-4334 4.6
The Self Tuning Memory Manager (STMM) component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 uses 0666 permissions for the STMM log file, which allows local users to cause a denial of service or have unspecified other impact by writi
29-06-2010 - 04:00 16-12-2009 - 18:30
CVE-2009-4333 7.5
The Relational Data Services component in IBM DB2 9.5 before FP5 allows attackers to obtain the password argument from the SET ENCRYPTION PASSWORD statement via vectors involving the GET SNAPSHOT FOR DYNAMIC SQL command.
29-06-2010 - 04:00 16-12-2009 - 18:30
CVE-2009-4325 6.4
The Client Interfaces component in IBM DB2 8.2 before FP18, 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not validate an unspecified pointer, which allows attackers to overwrite "external memory" via unknown vectors, related to a missing "
29-06-2010 - 04:00 16-12-2009 - 18:30
CVE-2009-4329 4.0
Unspecified vulnerability in the Engine Utilities component in IBM DB2 9.5 before FP5 allows remote authenticated users to cause a denial of service (segmentation fault) by modifying the db2ra data stream sent in a request from the Load Utility.
17-12-2009 - 05:00 16-12-2009 - 18:30
CVE-2009-1906 4.3
The DRDA Services component in IBM DB2 9.1 before FP7 and 9.5 before FP4 allows remote attackers to cause a denial of service (memory corruption and application crash) via an IPv6 address in the correlation token in the APPID string, as demonstrated
10-06-2009 - 04:00 03-06-2009 - 21:00
Back to Top Mark selected
Back to Top