CVE-2014-6159

Sažetak

IBM DB2 9.7 before FP10, 9.8 through FP5, 10.1 through FT4, and 10.5 through FP4 on Linux, UNIX, and Windows, when immediate AUTO_REVAL is enabled, allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement.

Reference

http://secunia.com/advisories/62092
http://secunia.com/advisories/62093
http://www.securityfocus.com/bid/71006
http://www-01.ibm.com/support/docview.wss?uid=swg1IT04730
http://www-01.ibm.com/support/docview.wss?uid=swg1IT05074
http://www-01.ibm.com/support/docview.wss?uid=swg1IT05105
http://www-01.ibm.com/support/docview.wss?uid=swg1IT05132
http://www-01.ibm.com/support/docview.wss?uid=swg21688051
http://www-01.ibm.com/support/docview.wss?uid=swg21693197
https://exchange.xforce.ibmcloud.com/vulnerabilities/97708

CVSS

Base:	3.5
Impact:	2.9
Exploitability:	6.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:M/Au:S/C:N/I:N/A:P

Zadnje važnije ažuriranje

08-09-2017 - 01:29

Objavljeno

08-11-2014 - 11:55