Lucene search
HistoryOct 05, 2010 - 6:00 p.m.
CVE-2010-3735
cve-2010-3735
ibm db2
udb 9.5
fp6a
denial of service
cpu consumption
nvd
2.1 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:N/I:N/A:P
6.1 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.7%
The “Query Compiler, Rewrite, Optimizer” component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted query involving certain UNION ALL views, leading to an indefinitely large amount of compilation time.
Affected configurations
Node
ibmdb2Match9.5
ORibmdb2Match9.5fp1
ORibmdb2Match9.5fp2
ORibmdb2Match9.5fp2a
ORibmdb2Match9.5fp3
ORibmdb2Match9.5fp3a
ORibmdb2Match9.5fp3b
ORibmdb2Match9.5fp4
ORibmdb2Match9.5fp4a
ORibmdb2Match9.5fp5
Related
cvelist
cvelist
CVE-2010-3735
2010-10-05 17:00:00
nvd
nvd
CVE-2010-3735
2010-10-05 18:00:33
prion
prion
Code injection
2010-10-05 18:00:00
openvas
openvas
IBM DB2 Multiple Vulnerabilities (Oct10)
2010-10-08 00:00:00
IBM Db2 Multiple Vulnerabilities (Oct 2010)
2010-10-08 00:00:00
nessus
nessus
IBM DB2 9.5 < Fix Pack 6a Multiple Vulnerabilities
2010-09-07 00:00:00
2.1 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:N/I:N/A:P
6.1 Medium
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
69.7%
Related for CVE-2010-3735