3.5

CVE-2014-6159

IBM DB2 9.7 before FP10, 9.8 through FP5, 10.1 through FT4, and 10.5 through FP4 on Linux, UNIX, and Windows, when immediate AUTO_REVAL is enabled, allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmDb2 Version9.7
IbmDb2 Version9.8
IbmDb2 Version10.1
IbmDb2 Version10.5
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.12% 0.795
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.5 6.8 2.9
AV:N/AC:M/Au:S/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://secunia.com/advisories/62092
http://secunia.com/advisories/62093
http://www-01.ibm.com/support/docview.wss?uid=swg1IT04730
http://www-01.ibm.com/support/docview.wss?uid=swg1IT05074
http://www-01.ibm.com/support/docview.wss?uid=swg1IT05105
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IT05132
http://www-01.ibm.com/support/docview.wss?uid=swg21688051
Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21693197
http://www.securityfocus.com/bid/71006
https://exchange.xforce.ibmcloud.com/vulnerabilities/97708