Lucene search

[email protected]CVE-2014-6159

HistoryNov 08, 2014 - 11:55 a.m.

CVE-2014-6159

2014-11-0811:55:00

CWE-20

[email protected]

web.nvd.nist.gov

ibm

db2

cve-2014-6159

denial of service

remote

authenticated

linux

unix

windows

6.2 Medium

AI Score

Confidence

Low

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

0.081 Low

EPSS

Percentile

94.2%

JSON

IBM DB2 9.7 before FP10, 9.8 through FP5, 10.1 through FT4, and 10.5 through FP4 on Linux, UNIX, and Windows, when immediate AUTO_REVAL is enabled, allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement.

CPENameOperatorVersion
ibm:db2ibm db2eq10.1
ibm:db2ibm db2eq9.7
ibm:db2ibm db2eq10.5
ibm:db2ibm db2eq9.8

CPE	Name	Operator	Version
ibm:db2	ibm db2	eq	10.1
ibm:db2	ibm db2	eq	9.7
ibm:db2	ibm db2	eq	10.5
ibm:db2	ibm db2	eq	9.8

References

secunia.com/advisories/62092

secunia.com/advisories/62093

www-01.ibm.com/support/docview.wss?uid=swg1IT04730

www-01.ibm.com/support/docview.wss?uid=swg1IT05074

www-01.ibm.com/support/docview.wss?uid=swg1IT05105

www-01.ibm.com/support/docview.wss?uid=swg1IT05132

www-01.ibm.com/support/docview.wss?uid=swg21688051

www-01.ibm.com/support/docview.wss?uid=swg21693197

www.securityfocus.com/bid/71006

exchange.xforce.ibmcloud.com/vulnerabilities/97708

6.2 Medium

AI Score

Confidence

Low

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

0.081 Low

EPSS

Percentile

94.2%

JSON

Related for CVE-2014-6159

openvas1 prion1 ibm3 nessus3