Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2005-4866

Опубликовано: 31 дек. 2005
Источник: nvd
CVSS2: 6.8
EPSS Низкий

Описание

Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ibm:db2_universal_database:7.0:*:aix:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:7.0:*:hp-ux:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:7.0:*:linux:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:7.0:*:solaris:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:7.1:*:aix:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:7.1:*:hp-ux:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:7.1:*:linux:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:7.1:*:solaris:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:7.1:*:windows:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:7.2:*:aix:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:7.2:*:hp-ux:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:7.2:*:linux:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:7.2:*:solaris:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:7.2:*:windows:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.0:*:aix:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.0:*:hp-ux:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.0:*:solaris:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.0:*:windows:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1:*:hp_ux:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1:*:linux:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1:*:solaris:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1:*:windows:*:*:*:*:*

EPSS

Процентиль: 82%
0.01693
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

github логотип

GHSA-2w2j-gfqg-fwgm

github
почти 4 года назад

Stack-based buffer overflow in JDBC Applet Server in IBM DB2 8.1 allows remote attackers to execute arbitrary by connecting and sending a long username, then disconnecting gracefully and reconnecting and sending a short username and an unexpected db2java.zip version, which causes a null terminator to be removed and leads to the overflow.

EPSS

Процентиль: 82%
0.01693
Низкий

6.8 Medium

CVSS2

Дефекты

CWE-119