4
CVE-2014-6209
- EPSS 2.49%
- Veröffentlicht 12.12.2014 16:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle psirt@us.ibm.com
- CVE-Watchlists
- Unerledigt
IBM DB2 9.5 through FP10, 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by specifying an identity column within a crafted ALTER TABLE statement.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.49% | 0.826 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://secunia.com/advisories/62092
http://www-01.ibm.com/support/docview.wss?uid=swg21693197
http://www-01.ibm.com/support/docview.wss?uid=swg1IT04786
http://www-01.ibm.com/support/docview.wss?uid=swg1IT05644
http://www-01.ibm.com/support/docview.wss?uid=swg1IT05645
http://www-01.ibm.com/support/docview.wss?uid=swg1IT05646
http://www-01.ibm.com/support/docview.wss?uid=swg1IT05647
http://www-01.ibm.com/support/docview.wss?uid=swg21690787
http://www.securityfocus.com/bid/71729
http://www.securitytracker.com/id/1034571
https://exchange.xforce.ibmcloud.com/vulnerabilities/98684