CVE-2009-0173

CWE-20 — Improper Input Validation3 documents3 sources

Severity

5.0MEDIUM

EPSS

2.0%

top 16.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM DB2 Universal Database

Timeline

PublishedJan 16

Latest updateMay 3

Description

Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/db2_universal_database9.1, 9.5+1

Patches

Patch: www-01.ibm.com ↗Patch: www-1.ibm.com ↗Patch: www-1.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-cc7x-8w7g-r27p: Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9↗2022-05-03

▶

CVEList

CVE-2009-0173: Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9↗2009-01-16

▶