Vulnerabilities > Unix
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-11-20 | CVE-2007-6053 | Resource Management Errors vulnerability in IBM DB2 Universal Database IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, which might allow attackers to have an unknown impact involving "memory corruption." NOTE: the vendor description of this issue is too vague to be certain that it is security-related. | 9.3 |
| 2007-11-20 | CVE-2007-6052 | Privilege Escalation vulnerability in IBM DB2 IBM DB2 UDB 9.1 before Fixpak 4 does not properly perform vector aggregation, which might allow attackers to cause a denial of service (divide-by-zero error and DBMS crash), related to an "overflow." NOTE: the vendor description of this issue is too vague to be certain that it is security-related. | 7.8 |
| 2007-11-20 | CVE-2007-6051 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1) DB2ADMNS and (2) DB2USERS alternative groups, which has unknown impact. | 10.0 |
| 2007-11-20 | CVE-2007-6050 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database Unspecified vulnerability in DB2LICD in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, related to creation of an "insecure directory." | 7.2 |
| 2007-11-20 | CVE-2007-6049 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database Unspecified vulnerability in the SSL LOAD GSKIT action in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors, involving a call to dlopen when the effective uid is root. | 7.2 |
| 2007-11-20 | CVE-2007-6048 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database IBM DB2 UDB 9.1 before Fixpak 4 uses incorrect permissions on ACLs for DB2NODES.CFG, which has unknown impact and attack vectors. | 10.0 |
| 2007-11-20 | CVE-2007-6047 | Permissions, Privileges, and Access Controls vulnerability in IBM DB2 Universal Database Unspecified vulnerability in the DB2DART tool in IBM DB2 UDB 9.1 before Fixpak 4 allows attackers to execute arbitrary commands as the DB2 instance owner, related to invocation of TPUT by DB2DART. | 10.0 |
| 2007-11-20 | CVE-2007-6046 | Privilege Escalation vulnerability in IBM DB2 Unspecified vulnerability in unspecified setuid programs in IBM DB2 UDB 9.1 before Fixpak 4 allows local users to have an unknown impact. | 7.2 |
| 2007-11-20 | CVE-2007-6045 | Privilege Escalation vulnerability in IBM DB2 Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vectors. | 10.0 |
| 2007-06-06 | CVE-2007-3073 | Directory Traversal vulnerability in Firefox Directory traversal vulnerability in Mozilla Firefox 2.0.0.4 and earlier on Mac OS X and Unix allows remote attackers to read arbitrary files via ..%2F (dot dot encoded slash) sequences in a resource:// URI. | 7.8 |