CyberSec.Space Logo
Back to CVE Browser

CVE-2002-1583

HIGH
7.2
CVSS Severity Score
EPSS Score0.0600%
EPSS Percentile25.19th
PublishedSep 28, 2004
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument.

Affected Platforms (CPE)

πŸ“¦
Ibm

Db2 Universal Database

= 6.0
πŸ“¦
Ibm

Db2 Universal Database

= 7.0
πŸ“¦
Ibm

Db2 Universal Database

= 7.1
πŸ“¦
Ibm

Db2 Universal Database

= 7.2
πŸ“¦
Ibm

Db2 Universal Database

= 8.2

References & Advisories

πŸ”— http://www.iss.net/security_center/static/9078.php
πŸ”— http://www.securityfocus.com/bid/4817
πŸ”— http://www.securitytracker.com/alerts/2002/May/1004352.html
πŸ”— http://www.iss.net/security_center/static/9078.php
πŸ”— http://www.securityfocus.com/bid/4817
πŸ”— http://www.securitytracker.com/alerts/2002/May/1004352.html

Related Vulnerabilities

CVE-2007-367610.0

IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers ...

CVE-2005-041710.0

Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to t...

CVE-2005-47377.5

IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU ...

CVE-2001-00517.5

IBM DB2 Universal Database version 6.1 creates an account with a default user name and password, which allows remote attackers to ...