CVE-2010-3732Improper Input Validation in IBM DB2

CWE-20Improper Input Validation4 documents4 sources
Severity
3.5LOWNVD
EPSS
0.4%
top 40.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM DB2
Timeline
PublishedOct 5
Latest updateMay 17

Description

The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (database server ABEND) by using the client CLI on Linux, UNIX, or Windows for executing a prepared statement with a large number of parameter markers.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 6.8 | Impact: 2.9

Affected Packages1 packages

NVDibm/db29.5

🔴Vulnerability Details

2
GHSA
GHSA-5xwp-7xf8-2r9c: The DRDA Services component in IBM DB2 UDB 92022-05-17
CVEList
CVE-2010-3732: The DRDA Services component in IBM DB2 UDB 92010-10-05

💥Exploits & PoCs

1
Exploit-DB
VMware Remote Console e.x.p build-158248 - Format String2010-04-12
CVE-2010-3732 — Improper Input Validation in IBM DB2 | cvebase