CVE-2009-0172

Name of the Vulnerable Software and Affected Versions IBM DB2 versions 8 before FP17a IBM DB2 versions 9.1 before FP6a IBM DB2 versions 9.5 before FP3a

Description The issue allows remote attackers to cause a denial of service, specifically an infinite loop, by sending a crafted CONNECT data stream.

Recommendations For IBM DB2 version 8, update to FP17a or later. For IBM DB2 version 9.1, update to FP6a or later. For IBM DB2 version 9.5, update to FP3a or later.