Lucene search

MitreCVE-2007-2582

HistoryMay 10, 2007 - 12:19 a.m.

CVE-2007-2582

2007-05-1000:19:00

CWE-119

mitre

web.nvd.nist.gov

cve-2007-2582

buffer overflow

db2 jdbc applet server

ibm db2

security vulnerability

remote code execution

denial of service

nvd

vulnerability

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9.5

Confidence

High

EPSS

0.241

Percentile

96.6%

JSON

Multiple buffer overflows in the DB2 JDBC Applet Server (DB2JDS) service in IBM DB2 9.x and earlier allow remote attackers to (1) execute arbitrary code via a crafted packet to the DB2JDS service on tcp/6789; and cause a denial of service via (2) an invalid LANG parameter or (2) a long packet that generates a “MemTree overflow.”

Affected configurations

Nvd

Node

ibmdb2Range≤9.0

VendorProductVersionCPE
ibmdb2*cpe:2.3:a:ibm:db2:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	db2	*	cpe:2.3:a:ibm:db2::::::::

References

osvdb.org/40973

osvdb.org/40975

secunia.com/advisories/25148

www-1.ibm.com/support/search.wss?rs=0&q=IY97750&apar=only

www.securityfocus.com/archive/1/482024/100/0/threaded

www.securityfocus.com/bid/23890

www.securityfocus.com/bid/26010

www.securitytracker.com/id?1018029

www.securitytracker.com/id?1018801

www.vupen.com/english/advisories/2007/1707

www.zerodayinitiative.com/advisories/ZDI-07-056.html

exchange.xforce.ibmcloud.com/vulnerabilities/34184

Social References

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9.5

Confidence

High

EPSS

0.241

Percentile

96.6%

JSON

Related for CVE-2007-2582