CVE-2010-3740

Name of the Vulnerable Software and Affected Versions IBM DB2 UDB version 9.5 before FP6a

Description The issue is related to the Net Search Extender implementation in the Text Search component, which does not properly handle an alphanumeric Fuzzy search. This allows remote authenticated users to cause a denial of service, resulting in memory consumption and system hang, via the db2ext.textSearch function.

Recommendations For IBM DB2 UDB version 9.5 before FP6a, update to FP6a or later to resolve the issue. As a temporary workaround, consider restricting access to the db2ext.textSearch function to minimize the risk of exploitation.