PT-2015-2765 · Ibm · Ibm Db2
Igor · Published 2015-07-19 · Updated 2017-09-22 · CVE-2015-0157
CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions
IBM DB2 versions 9.7 through FP10
IBM DB2 versions 9.8 through FP5
IBM DB2 version 10.1 before FP5
IBM DB2 versions 10.5 through FP5
Description
The issue is caused by errors in the code of the IBM DB2 database management system. A remote attacker can exploit it to cause a denial of service by using a scalar function in an SQL query, which can crash the daemon. The estimated number of potentially affected devices worldwide is not specified.
Recommendations
For IBM DB2 version 9.7, update to a version after FP10 to resolve the issue.
For IBM DB2 version 9.8, update to a version after FP5 to resolve the issue.
For IBM DB2 version 10.1, update to FP5 or later to resolve the issue.
For IBM DB2 version 10.5, update to a version after FP5 to resolve the issue.
As a temporary workaround, consider restricting the use of scalar functions in SQL statements until a patch is available.
Fix
DoS
RCE
Related Identifiers
Affected Products
Ibm Db2