[Japanese]
|
JVNDB-2011-000016
|
IBM DB2 vulnerable to denial-of-service (DoS)
|
IBM DB2 contains a denial-of-service (DoS) vulnerability.
IBM DB2 contains a denial-of-service (DoS) vulnerability due to an issue in Java Runtime Environment (JRE).
|
CVSS V2 Severity: Base Metrics 4.0 (Medium) [IPA Score]
- Access Vector: Network
- Access Complexity: Low
- Authentication: Single Instance
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: Partial
|
|
IBM Corporation
- IBM DB2 for Linux, UNIX, and Windows Version 9.7 FP0 to FP3a
- IBM DB2 for Linux, UNIX, and Windows Version 9.5 FP0 to FP7
- IBM DB2 for Linux, UNIX, and Windows Version 9.1 FP0 to FP10
Hewlett-Packard Development Company,L.P
- HP Systems Insight Manager prior to v7.0
|
|
An attacker that can create or execute stored procedures may cause a denial-of-service (DoS).
|
[Apply a workaround]
Until an update is released, the following workaround below may reduce the impact of this vulnerability:
Apply the appropriate JDK update according to the information provided by the developer.
|
IBM Corporation
Hewlett-Packard Development Company,L.P
NEC Corporation
- NEC Security Information : NV18-002 (in Japanese)
|
- Numeric Errors(CWE-189) [IPA Evaluation]
|
- CVE-2010-4476
|
- JVN : JVN#16308183
- JVN Status Tracking Notes : JVNTR-2011-02
- National Vulnerability Database (NVD) : CVE-2010-4476
- Secunia Advisory : SA43295
- SecurityTracker : 1025062
|
- [2011/03/04]
Web page published
[2013/03/26]
Affected Products : Product was added (HPSBMU02769 SSRT100846)
Vendor Information : Content was added (HPSBMU02769 SSRT100846)
[2018/02/07]
Vendor Information : Content was added
|