CyberSec.Space Logo
返回 CVE 浏览器

CVE-2002-1583

HIGH
7.2
CVSS Severity Score
EPSS Score0.0600%
EPSS Percentile25.19th
Published2004年9月28日
Last Modified2026年4月16日

Vulnerability Description

Buffer overflow in sqllib/security/db2ckpw for IBM DB2 Universal Database 6.0 and 7.0 allows local users to execute arbitrary code via a long username that is read from a file descriptor argument.

Affected Platforms (CPE)

📦
Ibm

Db2 Universal Database

= 6.0
📦
Ibm

Db2 Universal Database

= 7.0
📦
Ibm

Db2 Universal Database

= 7.1
📦
Ibm

Db2 Universal Database

= 7.2
📦
Ibm

Db2 Universal Database

= 8.2

References & Advisories

🔗 http://www.iss.net/security_center/static/9078.php
🔗 http://www.securityfocus.com/bid/4817
🔗 http://www.securitytracker.com/alerts/2002/May/1004352.html
🔗 http://www.iss.net/security_center/static/9078.php
🔗 http://www.securityfocus.com/bid/4817
🔗 http://www.securitytracker.com/alerts/2002/May/1004352.html

相关漏洞威胁

CVE-2007-367610.0

IBM DB2 Universal Database (UDB) Administration Server (DAS) 8 before Fix Pack 16 and 9 before Fix Pack 4 allows remote attackers ...

CVE-2005-041710.0

Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to t...

CVE-2005-47377.5

IBM DB2 Universal Database (UDB) 820 before ESE AIX 5765F4100 allows remote authenticated users to cause a denial of service (CPU ...

CVE-2001-00517.5

IBM DB2 Universal Database version 6.1 creates an account with a default user name and password, which allows remote attackers to ...