CVE-2005-4736Infinite Loop in IBM DB2 Universal Database

3 documents3 sources
Severity
6.8MEDIUMNVD
EPSS
0.7%
top 28.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM DB2 Universal Database
Timeline
PublishedDec 31
Latest updateMay 1

Description

IBM DB2 Universal Database (UDB) 820 before 8.2 FP10 allows remote authenticated users to cause a denial of service (disk consumption) via a hash join (hsjn) that triggers an infinite loop in sqlri_hsjnFlushBlocks.

CVSS vector

AV:N/AC:L/C:N/I:N/A:CExploitability: 8.0 | Impact: 6.9

Affected Packages1 packages

NVDibm/db2_universal_database12 versions+11

Patches

Patch: secunia.comPatch: www-1.ibm.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-hhcw-hw4m-h4v7: IBM DB2 Universal Database (UDB) 820 before 82022-05-01
CVEList
CVE-2005-4736: IBM DB2 Universal Database (UDB) 820 before 82006-03-19
CVE-2005-4736 — Infinite Loop in IBM | cvebase