CVE-2010-3737Missing Release of Memory after Effective Lifetime in IBM DB2

CWE-3993 documents3 sources
Severity
3.5LOWNVD
EPSS
0.4%
top 40.47%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM DB2
Timeline
PublishedOct 5
Latest updateMay 17

Description

Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (heap memory consumption) by executing a (1) user-defined function (UDF) or (2) stored procedure while using a different code page than the database server.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 6.8 | Impact: 2.9

Affected Packages1 packages

NVDibm/db29.5

🔴Vulnerability Details

2
GHSA
GHSA-wcw3-9f7h-4r9g: Memory leak in the Relational Data Services component in IBM DB2 UDB 92022-05-17
CVEList
CVE-2010-3737: Memory leak in the Relational Data Services component in IBM DB2 UDB 92010-10-05
CVE-2010-3737 — IBM DB2 vulnerability | cvebase