IBM DB2 : OVAL Definitions - Class: Vulnerability

Filter: Compliance Inventory Patch Vulnerability All Family: All Windows Unix IOS Pixos
Title Definition Id Class Family
Buffer overflow in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, 9.5 before FP7, and 9.7 bef... oval:org.mitre.oval:def:14699 Vulnerability windows
Buffer overflow in the REPEAT function in IBM DB2 9.1 before FP9 allows remote authenticated users to cause a denial of ... oval:org.mitre.oval:def:14613 Vulnerability windows
DEPRECATED: Integer signedness error in the db2dasrrm process in the DB2 Administration Server (DAS) in IBM DB2 9.1 thro... oval:org.mitre.oval:def:14842 Vulnerability windows
DEPRECATED: kuddb2 in Tivoli Monitoring for DB2, as distributed in IBM DB2 9.7 FP1 on Linux, allows remote attackers to ... oval:org.mitre.oval:def:14289 Vulnerability windows
DEPRECATED: Unspecified vulnerability in IBM Tivoli Monitoring Agent (ITMA), as used in IBM DB2 9.5 before FP9 on UNIX, ... oval:org.mitre.oval:def:14526 Vulnerability windows
DEPRECATED: Unspecified vulnerability in IBM DB2 9.7 before FP5 on UNIX, when the Self Tuning Memory Manager (STMM) feat... oval:org.mitre.oval:def:14720 Vulnerability windows
Heap-based buffer overflow in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows remote authenticated use... oval:org.mitre.oval:def:14518 Vulnerability windows
IBM DB2 9.1 before FP10, 9.5 before FP6a, and 9.7 before FP2 on Linux, UNIX, and Windows does not properly revoke the DB... oval:org.mitre.oval:def:14295 Vulnerability windows
IBM DB2 9.1 before FP11, 9.5 before FP9, 9.7 before FP5, and 9.8 before FP4 allows remote attackers to cause a denial of... oval:org.mitre.oval:def:15078 Vulnerability windows
IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly enforce privilege requirements f... oval:org.mitre.oval:def:14122 Vulnerability windows
IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 does not properly check variables, which allows remote auth... oval:org.mitre.oval:def:15004 Vulnerability windows
IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly revoke role membership from grou... oval:org.mitre.oval:def:14688 Vulnerability windows
IBM DB2 9.5 uses world-writable permissions for nodes.reg, which has unspecified impact and attack vectors. oval:org.mitre.oval:def:14922 Vulnerability windows
IBM DB2 9.7 before FP3 does not perform the expected drops or invalidations of dependent functions upon a loss of privil... oval:org.mitre.oval:def:14669 Vulnerability windows
IBM DB2 9.7 before FP2, when AUTO_REVAL is IMMEDIATE, allows remote authenticated users to cause a denial of service (lo... oval:org.mitre.oval:def:14472 Vulnerability windows
IBM DB2 9.7 before FP2 does not perform the expected access control on the monitor administrative views in the SYSIBMADM... oval:org.mitre.oval:def:14430 Vulnerability windows
IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in the dynamic SQL cach... oval:org.mitre.oval:def:14609 Vulnerability windows
Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users t... oval:org.mitre.oval:def:14567 Vulnerability windows
Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a, when the connection concentrator i... oval:org.mitre.oval:def:13859 Vulnerability windows
Multiple untrusted search path vulnerabilities in (1) db2rspgn and (2) kbbacf1 in IBM DB2 Express Edition 9.7, as used i... oval:org.mitre.oval:def:14063 Vulnerability windows
Stack-based buffer overflow in the validateUser implementation in the com.ibm.db2.das.core.DasSysCmd function in db2dasr... oval:org.mitre.oval:def:14687 Vulnerability windows
The "Query Compiler, Rewrite, Optimizer" component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to c... oval:org.mitre.oval:def:14736 Vulnerability windows
The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows attackers to bypass intended fi... oval:org.mitre.oval:def:13841 Vulnerability windows
The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of servic... oval:org.mitre.oval:def:14219 Vulnerability windows
The Engine Utilities component in IBM DB2 UDB 9.5 before FP6a uses world-writable permissions for the sqllib/cfg/db2sprf... oval:org.mitre.oval:def:14707 Vulnerability windows
The Install component in IBM DB2 UDB 9.5 before FP6a on Linux, UNIX, and Windows enforces an unintended limit on passwor... oval:org.mitre.oval:def:14764 Vulnerability windows
The Net Search Extender (NSE) implementation in the Text Search component in IBM DB2 UDB 9.5 before FP6a does not proper... oval:org.mitre.oval:def:13811 Vulnerability windows
The Security component in IBM DB2 UDB 9.5 before FP6a logs AUDIT events by using a USERID and an AUTHID value correspond... oval:org.mitre.oval:def:14488 Vulnerability windows
The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authenticated users to cau... oval:org.mitre.oval:def:14450 Vulnerability windows
Unspecified vulnerability in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 on Windows Server 2008 allows at... oval:org.mitre.oval:def:14647 Vulnerability windows
Total number of results : 31
Page : 1 (This Page) 2

OVAL Definitions By Referenced Objects

How does it work?   User agreement and privacy statement   About & Contact
CVE is a registred trademark of the MITRE Corporation and the authoritive source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritive source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritive source of OVAL content is MITRE's OVAL web site.
Warning: This site and all data are provided as is. It is not guaranteed that all information is accurate and complete. Use any information provided on this site at your own risk. By using this site you accept that you know that these data are provided as is and not guaranteed to be accurate, correct or complete. All trademarks appearing on this site are the property of their respective owners in the US or other countries. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss. PLEASE SEE nvd.nist.gov and oval.mitre.org for more details about OVAL language and definitions.
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor/web site owner/maintainer be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Use of OVAL and all related data is subject to terms of use defined by Mitre at http://oval.mitre.org/oval/about/termsofuse.html