Vulnerability Details CVE-2009-0172
Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.057
EPSS Ranking 89.9%
CVSS Severity
CVSS v2 Score 5.0
References
- ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
- ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT
- ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
- http://secunia.com/advisories/33529
- http://securitytracker.com/id?1021591
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696
- http://www-01.ibm.com/support/docview.wss?uid=swg21363936
- http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534
- http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697
- http://www.securityfocus.com/bid/33258
- http://www.vupen.com/english/advisories/2009/0137
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47931
- ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
- ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT
- ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
- http://secunia.com/advisories/33529
- http://securitytracker.com/id?1021591
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696
- http://www-01.ibm.com/support/docview.wss?uid=swg21363936
- http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534
- http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697
- http://www.securityfocus.com/bid/33258
- http://www.vupen.com/english/advisories/2009/0137
- https://exchange.xforce.ibmcloud.com/vulnerabilities/47931
Products affected by CVE-2009-0172
-
cpe:2.3:a:ibm:db2_universal_database:9.1
-
cpe:2.3:a:ibm:db2_universal_database:9.5