CVE-2012-0710Improper Input Validation in IBM DB2

CWE-20Improper Input Validation5 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
1.6%
top 17.98%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM DB2
Timeline
PublishedMar 20
Latest updateMay 14

Description

IBM DB2 9.1 before FP11, 9.5 before FP9, 9.7 before FP5, and 9.8 before FP4 allows remote attackers to cause a denial of service (daemon crash) via a crafted Distributed Relational Database Architecture (DRDA) request.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/db24 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-p3wm-jpp9-fx43: IBM DB2 92022-05-14
CVEList
CVE-2012-0710: IBM DB2 92012-03-20

💬Community

2
Bugzilla
CVE-2012-1946 Mozilla: Use-after-free while replacing/inserting a node in a document (MFSA 2012-38)2012-06-03
Bugzilla
CVE-2012-1944 Mozilla: Content Security Policy inline-script bypass (MFSA 2012-36)2012-06-03
CVE-2012-0710 — Improper Input Validation in IBM DB2 | cvebase