CVE-2016-0215

IBM DB2 9.7, 10.1 before FP6, and 10.5 before FP8 on AIX, Linux, HP, Solaris and Windows allow remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a subquery containing the AVG OLAP function on an Oracle compatible database.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:a:ibm:db2:9.7:*:*:*:advanced_enterprise_server:*:*:*
cpe:2.3:a:ibm:db2:9.7:*:*:*:advanced_workgroup_server:*:*:*
cpe:2.3:a:ibm:db2:9.7:*:*:*:connect_application_server:*:*:*
cpe:2.3:a:ibm:db2:9.7:*:*:*:connect_enterprise:*:*:*
cpe:2.3:a:ibm:db2:9.7:*:*:*:connect_unlimited:system_i:*:*
cpe:2.3:a:ibm:db2:9.7:*:*:*:connect_unlimited:system_z:*:*
cpe:2.3:a:ibm:db2:9.7:*:*:*:enterprise_server:*:*:*
cpe:2.3:a:ibm:db2:9.7:*:*:*:express:*:*:*
cpe:2.3:a:ibm:db2:9.7:*:*:*:workgroup_server:*:*:*
cpe:2.3:a:ibm:db2:10.1:*:*:*:advanced_enterprise_server:*:*:*
cpe:2.3:a:ibm:db2:10.1:*:*:*:advanced_workgroup_server:*:*:*
cpe:2.3:a:ibm:db2:10.1:*:*:*:connect_application_server:*:*:*
cpe:2.3:a:ibm:db2:10.1:*:*:*:connect_enterprise:*:*:*
cpe:2.3:a:ibm:db2:10.1:*:*:*:connect_unlimited:system_i:*:*
cpe:2.3:a:ibm:db2:10.1:*:*:*:connect_unlimited:system_z:*:*
cpe:2.3:a:ibm:db2:10.1:*:*:*:enterprise_server:*:*:*
cpe:2.3:a:ibm:db2:10.1:*:*:*:express:*:*:*
cpe:2.3:a:ibm:db2:10.1:*:*:*:workgroup_server:*:*:*
cpe:2.3:a:ibm:db2:10.5:*:*:*:advanced_enterprise_server:*:*:*
cpe:2.3:a:ibm:db2:10.5:*:*:*:advanced_workgroup_server:*:*:*
cpe:2.3:a:ibm:db2:10.5:*:*:*:connect_application_server:*:*:*
cpe:2.3:a:ibm:db2:10.5:*:*:*:connect_enterprise:*:*:*
cpe:2.3:a:ibm:db2:10.5:*:*:*:connect_unlimited:system_i:*:*
cpe:2.3:a:ibm:db2:10.5:*:*:*:connect_unlimited:system_z:*:*
cpe:2.3:a:ibm:db2:10.5:*:*:*:enterprise_server:*:*:*
cpe:2.3:a:ibm:db2:10.5:*:*:*:express:*:*:*
cpe:2.3:a:ibm:db2:10.5:*:*:*:workgroup_server:*:*:*
OR cpe:2.3:o:hp:hp-ux:-:*:*:*:*:*:*:*
cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
cpe:2.3:o:oracle:solaris:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:a:ibm:db2:9.8:*:*:*:enterprise_server:*:*:*
OR cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*

History

21 Nov 2024, 02:41

Type Values Removed Values Added
References () http://www-01.ibm.com/support/docview.wss?uid=swg21979986 - Patch, Vendor Advisory () http://www-01.ibm.com/support/docview.wss?uid=swg21979986 - Patch, Vendor Advisory

Information

Published : 2018-01-16 19:29

Updated : 2024-11-21 02:41


NVD link : CVE-2016-0215

Mitre link : CVE-2016-0215

CVE.ORG link : CVE-2016-0215


JSON object : View

Products Affected

hp

  • hp-ux

ibm

  • aix
  • db2

linux

  • linux_kernel

microsoft

  • windows

oracle

  • solaris
CWE
CWE-20

Improper Input Validation