CVE-2009-0172

EPSS 5.72%
Veröffentlicht 16.01.2009 21:30:03
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 15

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Ibm ≫ Db2 Universal Database Version9.1 Editionaix

Ibm ≫ Db2 Universal Database Version9.1 Editionhp-ux

Ibm ≫ Db2 Universal Database Version9.1 Editionlinux

Ibm ≫ Db2 Universal Database Version9.1 Editionsolaris

Ibm ≫ Db2 Universal Database Version9.1 Editionwindows

Ibm ≫ Db2 Universal Database Version9.1 Updatefp2

Ibm ≫ Db2 Universal Database Version9.1 Updatefp2 Editionaix

Ibm ≫ Db2 Universal Database Version9.1 Updatefp2 Editionhp-ux

Ibm ≫ Db2 Universal Database Version9.1 Updatefp2 Editionlinux

Ibm ≫ Db2 Universal Database Version9.1 Updatefp2 Editionsolaris

Ibm ≫ Db2 Universal Database Version9.1 Updatefp2 Editionwindows

Ibm ≫ Db2 Universal Database Version9.1 Updatefp3 Editionaix

Ibm ≫ Db2 Universal Database Version9.1 Updatefp3 Editionhp-ux

Ibm ≫ Db2 Universal Database Version9.1 Updatefp3 Editionsolaris

Ibm ≫ Db2 Universal Database Version9.1 Updatefp4

Ibm ≫ Db2 Universal Database Version9.1 Updatefp4 Editionaix

Ibm ≫ Db2 Universal Database Version9.1 Updatefp4 Editionhp-ux

Ibm ≫ Db2 Universal Database Version9.1 Updatefp4 Editionlinux

Ibm ≫ Db2 Universal Database Version9.1 Updatefp4 Editionwindows

Ibm ≫ Db2 Universal Database Version9.1 Updatefp4a

Ibm ≫ Db2 Universal Database Version9.1 Updatefp4a Editionhp-ux

Ibm ≫ Db2 Universal Database Version9.1 Updatefp4a Editionlinux

Ibm ≫ Db2 Universal Database Version9.1 Updatefp4a Editionwindows

Ibm ≫ Db2 Universal Database Version9.1 Updatega

Ibm ≫ Db2 Universal Database Version9.5

Ibm ≫ Db2 Universal Database Version9.5 Editionaix

Ibm ≫ Db2 Universal Database Version9.5 Editionhp-ux

Ibm ≫ Db2 Universal Database Version9.5 Editionlinux

Ibm ≫ Db2 Universal Database Version9.5 Editionsolaris

Ibm ≫ Db2 Universal Database Version9.5 Editionwindows

Ibm ≫ Db2 Universal Database Version9.5 Updatefp1 Editionaix

Ibm ≫ Db2 Universal Database Version9.5 Updatefp1 Editionhp-ux

Ibm ≫ Db2 Universal Database Version9.5 Updatefp1 Editionlinux

Ibm ≫ Db2 Universal Database Version9.5 Updatefp1 Editionsolaris

Ibm ≫ Db2 Universal Database Version9.5 Updatefp1 Editionwindows

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	5.72%	0.895

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT

http://secunia.com/advisories/33529

Vendor Advisory

http://securitytracker.com/id?1021591

http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696

http://www-01.ibm.com/support/docview.wss?uid=swg21363936

Patch

Vendor Advisory

http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534

Patch