The chaining functionality in the Distributed Relational Database Architecture (DRDA) module in IBM DB2 9.7 before FP6 and 9.8 before FP5 allows remote attackers to cause a denial of service (NULL pointer dereference, and resource consumption or daemon crash) via a crafted request.
Max CVSS
4.3
EPSS Score
0.71%
Published
2012-06-20
Updated
2018-10-02
The XML feature in IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 allows remote authenticated users to cause a denial of service (infinite loop) by calling the XMLPARSE function with a crafted string expression.
Max CVSS
4.0
EPSS Score
0.53%
Published
2012-03-20
Updated
2017-09-19
IBM DB2 9.1 before FP11, 9.5 before FP9, 9.7 before FP5, and 9.8 before FP4 allows remote attackers to cause a denial of service (daemon crash) via a crafted Distributed Relational Database Architecture (DRDA) request.
Max CVSS
5.0
EPSS Score
4.29%
Published
2012-03-20
Updated
2018-10-10
3 vulnerabilities found