| ID |
CVE-2006-3067
|
| Summary |
Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) "long column list" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of values in an IN clause, possibly related to a buffer overflow. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:ibm:db2_universal_database:8.0:fp9:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.0:fp9:*:*:*:*:*:*
-
cpe:2.3:a:ibm:db2_universal_database:8.1:*:fp10:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1:*:fp10:*:*:*:*:*
-
cpe:2.3:a:ibm:db2_universal_database:*:*:fp11:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:*:*:fp11:*:*:*:*:*
-
cpe:2.3:a:ibm:db2_universal_database:8.1:*:fp8:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:8.1:*:fp8:*:*:*:*:*
|
| CVSS |
| Base: | 5.0 (as of 20-07-2017 - 01:32) |
| Impact: | |
| Exploitability: | |
|
| CWE |
NVD-CWE-Other |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
| NETWORK |
LOW |
NONE |
|
| Impact |
| Confidentiality | Integrity | Availability |
| NONE |
NONE |
PARTIAL |
|
| cvss-vector
via4
|
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
| refmap
via4
|
| aixapar | | | osvdb | | | secunia | 20579 | | vupen | ADV-2006-2332 | | xf | - db2-load-command-dos(27099)
- db2-sql-inclause-dos(27101)
|
|
| Last major update |
20-07-2017 - 01:32 |
| Published |
19-06-2006 - 10:02 |
| Last modified |
20-07-2017 - 01:32 |
