Lucene search
HistoryOct 05, 2010 - 6:00 p.m.
CVE-2010-3735
CVSS2
2.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:N/I:N/A:P
AI Score
5.9
Confidence
High
EPSS
0.003
Percentile
69.6%
The “Query Compiler, Rewrite, Optimizer” component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted query involving certain UNION ALL views, leading to an indefinitely large amount of compilation time.
Affected configurations
Node
ibmdb2Match9.5
ORibmdb2Match9.5fp1
ORibmdb2Match9.5fp2
ORibmdb2Match9.5fp2a
ORibmdb2Match9.5fp3
ORibmdb2Match9.5fp3a
ORibmdb2Match9.5fp3b
ORibmdb2Match9.5fp4
ORibmdb2Match9.5fp4a
ORibmdb2Match9.5fp5
| Vendor | Product | Version | CPE |
|---|---|---|---|
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp4:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp4a:*:*:*:*:*:* |
| ibm | db2 | 9.5 | cpe:2.3:a:ibm:db2:9.5:fp5:*:*:*:*:*:* |
Related
cvelist
cvelist
CVE-2010-3735
2010-10-05 17:00:00
cve
cve
CVE-2010-3735
2010-10-05 18:00:33
prion
prion
Code injection
2010-10-05 18:00:00
openvas
openvas
IBM Db2 Multiple Vulnerabilities (Oct 2010)
2010-10-08 00:00:00
IBM DB2 Multiple Vulnerabilities (Oct10)
2010-10-08 00:00:00
nessus
nessus
IBM DB2 9.5 < Fix Pack 6a Multiple Vulnerabilities
2010-09-07 00:00:00
CVSS2
2.1
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:H/Au:S/C:N/I:N/A:P
AI Score
5.9
Confidence
High
EPSS
0.003
Percentile
69.6%
Related for NVD:CVE-2010-3735