Vulnerabilities > IBM > DB2 Universal Database > 8.1.6
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-02-23 | CVE-2007-1086 | Local Privilege Escalation vulnerability in IBM DB2 Universal Database Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access." | 7.2 |
2006-12-19 | CVE-2006-6638 | Remote SQLJRA Packet Denial of Service vulnerability in IBM DB2 IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257. | 5.0 |
2006-06-19 | CVE-2006-3066 | Denial of Service vulnerability in IBM DB2 Universal Database Buffer overflow in the TCP/IP listener in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allows remote attackers to cause a denial of service (application crash) via a long MGRLVLLS message inside of an EXCSAT message when establishing a connection. | 5.0 |
2005-12-31 | CVE-2005-4740 | Multiple vulnerability in IBM DB2 Universal Database IBM DB2 Universal Database (UDB) 810 before version 8 FixPak 10 allows remote authenticated users to cause a denial of service (db2jd service crash) by "connecting from a downlevel client." | 4.0 |
2005-12-31 | CVE-2005-4739 | Multiple vulnerability in IBM DB2 Universal Database IBM DB2 Universal Database (UDB) 820 before version 8 FixPak 10 (s050811) allows remote authenticated users to cause a denial of service (application crash) by using a table function for an instance of snapshot_tbreorg, which triggers a trap in sqlnr_EStoE_action. | 6.8 |
2005-12-31 | CVE-2005-4738 | Multiple vulnerability in IBM DB2 Universal Database IBM DB2 Universal Database (UDB) 810 before ESE AIX 5765F4100 does not ensure that a user has execute privileges before permitting object creation based on routines, which allows remote authenticated users to gain privileges. | 6.5 |
2005-12-31 | CVE-2005-4737 | Multiple vulnerability in IBM DB2 Universal Database IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU consumption) by "abnormally" terminating a connection, which prevents db2agents from being properly cleared. | 7.5 |
2005-12-31 | CVE-2005-4736 | Multiple vulnerability in IBM DB2 Universal Database IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks. | 6.8 |
2005-12-31 | CVE-2005-4735 | Multiple vulnerability in IBM DB2 Universal Database IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817. | 6.8 |
2005-11-16 | CVE-2005-3643 | Authentication Bypass vulnerability in IBM DB2 Windows XP Simple File Sharing IBM DB2 Database server running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication and log on to the guest account without supplying a password. | 7.5 |