返回 CVE 瀏覽器

CVE-2007-2582

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.0240%

EPSS Percentile27.50th

Published2007年5月10日

Last Modified2026年4月23日

Vulnerability Description

Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to (1) execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via (2) an invalid LANG parameter or (2) a long packet that generates a "MemTree overflow."

Affected Platforms (CPE)

📦

Ibm

Db2

<= 9.0

References & Advisories

🔗 http://osvdb.org/40973

🔗 http://osvdb.org/40975

🔗 http://secunia.com/advisories/25148

🔗 http://www-1.ibm.com/support/search.wss?rs=0&q=IY97750&apar=only

🔗 http://www.securityfocus.com/archive/1/482024/100/0/threaded

🔗 http://www.securityfocus.com/bid/23890

🔗 http://www.securityfocus.com/bid/26010

🔗 http://www.securitytracker.com/id?1018029

相關漏洞威脅

CVE-2007-605110.0

IBM DB2 UDB 9.1 before Fixpak 4 assigns incorrect privileges to the (1) DB2ADMNS and (2) DB2USERS alternative groups, which has un...

CVE-2005-486510.0

Stack-based buffer overflow in call in IBM DB2 7.x and 8.1 allows remote attackers to execute arbitrary code via a long libname.

CVE-2005-041710.0

Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to t...

CVE-2007-604510.0

Unspecified vulnerability in (1) DB2WATCH and (2) DB2FREEZE in IBM DB2 UDB 9.1 before Fixpak 4 has unknown impact and attack vecto...