PT-2015-2780 · Ibm · Ibm Db2
David Litchfield
·
Published
2015-07-19
·
Updated
2018-09-26
·
CVE-2015-1935
CVSS v2.0
8.0
High
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:C |
Name of the Vulnerable Software and Affected Versions
IBM DB2 versions 9.7 through FP10
IBM DB2 versions 9.8 through FP5
IBM DB2 versions 10.1 before FP5
IBM DB2 versions 10.5 through FP5
Description
The issue is related to errors in the code of the scalar-function implementation in IBM DB2, which can be exploited by a remote attacker to cause a denial of service or execute arbitrary code. The exploitation is possible via unspecified vectors.
Recommendations
For IBM DB2 versions 9.7 through FP10, update to a version after FP10 to resolve the issue.
For IBM DB2 versions 9.8 through FP5, update to a version after FP5 to resolve the issue.
For IBM DB2 versions 10.1 before FP5, update to FP5 or later to resolve the issue.
For IBM DB2 versions 10.5 through FP5, update to a version after FP5 to resolve the issue.
Fix
DoS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Db2