Vulnerabilities > IBM > DB2 Universal Database > 9.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-04-16 | CVE-2007-5664 | Link Following vulnerability in IBM DB2 Universal Database 8/9.1/9.5 db2dasrrm in the DB2 Administration Server (DAS) in IBM DB2 Universal Database 9.5 before Fix Pack 1, 9.1 before Fix Pack 4a, and 8 before FixPak 16 allows local users to overwrite arbitrary files via a symlink attack on files used for initialization. | 6.9 |
2007-08-18 | CVE-2007-4423 | Buffer Errors vulnerability in IBM DB2 Universal Database 8.0/9.0/9.1 Stack-based buffer overflow in the AUTH_LIST_GROUPS_FOR_AUTHID function in IBM DB2 UDB 9.1 before Fixpak 3 allows attackers to cause a denial of service and possibly execute arbitrary code via a long argument. | 5.0 |
2007-02-23 | CVE-2007-1089 | Local Security vulnerability in IBM DB2 Universal Database 8.0/9.1 IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors. | 7.2 |
2007-02-23 | CVE-2007-1086 | Local Privilege Escalation vulnerability in IBM DB2 Universal Database Unspecified binaries in IBM DB2 8.x before 8.1 FixPak 15 and 9.1 before Fix Pack 2 allow local users to create or modify arbitrary files via unspecified environment variables related to "unsafe file access." | 7.2 |