CVE-2009-4332 — IBM DB2 vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

0.9%

top 23.97%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM DB2

Timeline

PublishedDec 16

Latest updateMay 3

Description

db2pd in the Problem Determination component in IBM DB2 9.1 before FP7 and 9.5 before FP5 allows attackers to cause a denial of service (NULL pointer dereference and application termination) via unspecified vectors.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/db29.1, 9.5, 9.7+2

Patches

Patch: ftp.software.ibm.com ↗Patch: www-01.ibm.com ↗Patch: ftp.software.ibm.com ↗

🔴Vulnerability Details

GHSA

GHSA-j8w8-w24j-jw4m: db2pd in the Problem Determination component in IBM DB2 9↗2022-05-03

▶

CVEList

CVE-2009-4332: db2pd in the Problem Determination component in IBM DB2 9↗2009-12-16

▶