Lucene search
MitreCVE-2010-3735HistoryOct 05, 2010 - 6:00 p.m.
CVE-2010-3735
2010-10-0518:00:33
CWE-399
mitre
web.nvd.nist.gov
34
cve-2010-3735
ibm db2
udb 9.5
fp6a
denial of service
cpu consumption
nvd
CVSS2
2.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:N/I:N/A:P
AI Score
6.1
Confidence
Low
EPSS
0.003
Percentile
69.6%
The “Query Compiler, Rewrite, Optimizer” component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted query involving certain UNION ALL views, leading to an indefinitely large amount of compilation time.
Affected configurations
Node
ibmdb2Match9.5
ORibmdb2Match9.5fp1
ORibmdb2Match9.5fp2
ORibmdb2Match9.5fp2a
ORibmdb2Match9.5fp3
ORibmdb2Match9.5fp3a
ORibmdb2Match9.5fp3b
ORibmdb2Match9.5fp4
ORibmdb2Match9.5fp4a
ORibmdb2Match9.5fp5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp4:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp4a:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp5:*:*:*:*:*:* |
Related
nvd
nvd
CVE-2010-3735
2010-10-05 18:00:33
cvelist
cvelist
CVE-2010-3735
2010-10-05 17:00:00
prion
prion
Code injection
2010-10-05 18:00:00
openvas
openvas
IBM Db2 Multiple Vulnerabilities (Oct 2010)
2010-10-08 00:00:00
IBM DB2 Multiple Vulnerabilities (Oct10)
2010-10-08 00:00:00
nessus
nessus
IBM DB2 9.5 < Fix Pack 6a Multiple Vulnerabilities
2010-09-07 00:00:00
CVSS2
2.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:N/I:N/A:P
AI Score
6.1
Confidence
Low
EPSS
0.003
Percentile
69.6%
Related for CVE-2010-3735