CVE-2005-4735 - IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a de

CVE-2005-4735

Summary

IBM DB2 Universal Database (UDB) 810 before 8.1 FP10 allows remote authenticated users to cause a denial of service (application crash) via (1) certain equality predicates that trigger self-removal, aka IY70808; and (2) a query with more than 32000 elements in the IN-list, aka LI70817.

References

Vulnerable Configurations

cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1:*:aix:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.6c:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.7b:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.8a:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.9:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.9:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.9a:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1.9a:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 05-09-2008 - 20:57)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	SINGLE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:S/C:N/I:N/A:C

refmap via4

aixapar	IY70808 LI70817
bid	15126
secunia	17031

Last major update

05-09-2008 - 20:57

Published

31-12-2005 - 05:00

Last modified

05-09-2008 - 20:57