The SQL engine in IBM DB2 9.5 through FP10, 9.7 through FP9a, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP4 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted UNION clause in a subquery of a SELECT statement.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 02:07
Type | Values Removed | Values Added |
---|---|---|
References | () http://secunia.com/advisories/58725 - | |
References | () http://secunia.com/advisories/60845 - | |
References | () http://www-01.ibm.com/support/docview.wss?uid=swg1IT02433 - Vendor Advisory | |
References | () http://www-01.ibm.com/support/docview.wss?uid=swg1IT02643 - | |
References | () http://www-01.ibm.com/support/docview.wss?uid=swg1IT02644 - | |
References | () http://www-01.ibm.com/support/docview.wss?uid=swg1IT02645 - | |
References | () http://www-01.ibm.com/support/docview.wss?uid=swg1IT02646 - | |
References | () http://www-01.ibm.com/support/docview.wss?uid=swg21681623 - Patch, Vendor Advisory | |
References | () http://www-01.ibm.com/support/docview.wss?uid=swg21683297 - | |
References | () http://www.securityfocus.com/bid/69546 - | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/94263 - |
Information
Published : 2014-09-04 10:55
Updated : 2024-11-21 02:07
NVD link : CVE-2014-3095
Mitre link : CVE-2014-3095
CVE.ORG link : CVE-2014-3095
JSON object : View
Products Affected
microsoft
- windows
ibm
- db2
linux
- linux_kernel
CWE
CWE-20
Improper Input Validation