Aaron C. Newman

Name of the Vulnerable Software and Affected Versions: IBM DB2 versions prior to FixPak 10a Description: The issue allows remote attackers to cause a denial of service, resulting in a crash, by sending a long packet to the UDP port 523. Recommendations: For versions prior to FixPak 10a, apply FixPak 10a to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Microsoft Data Access Components (MDAC) versions 2.5 through 2.7 Description: A buffer overflow issue exists in a component of SQL-DMO for Microsoft Data Access Components, allowing remote attackers to execute arbitrary code via a long response to a broadcast request to UDP port 1434. Recommendations: For MDAC versions 2.5 through 2.7, at the moment, there is no information about a newer version that contains a fix for this vulnerability.