Vulnerabilities > IBM > DB2 Universal Database > 8
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-12-02 | CVE-2009-4150 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 and DB2 Universal Database dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors. | 4.6 |
| 2008-08-28 | CVE-2008-3856 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database 8/8.0/9.1 The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors. | 7.5 |
| 2008-04-16 | CVE-2007-5758 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in IBM DB2 Universal Database 8/9.1/9.5 Stack-based buffer overflow in db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to execute arbitrary code via a long DASPROF environment variable. | 6.9 |
| 2008-04-16 | CVE-2007-5664 | Link Following vulnerability in IBM DB2 Universal Database 8/9.1/9.5 db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization. | 6.9 |