CVE-2010-3195

Description

Unspecified vulnerability in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 on Windows Server 2008 allows attackers to cause a denial of service (trap) via vectors involving "special group and user enumeration."

Related CPE's

aibmdb29.1fp4******

aibmdb29.5*******

aibmdb29.1fp6a******

aibmdb29.1fp1******

aibmdb29.5fp4******

aibmdb29.5fp5******

aibmdb29.5fp4a******

aibmdb29.1*******

aibmdb29.1fp5******

aibmdb29.5fp1******

References

IC66642

Vendor Advisory

IC66643

Vendor Advisory

ADV-2010-2225

Vendor Advisory

IC66099

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21426108

41218

Vendor Advisory

http://www-01.ibm.com/support/docview.wss?uid=swg21432298

ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT

db2-special-group-dos(61446)

oval:org.mitre.oval:def:14647

CvssV3 impact

Could not find any metrics

CvssV2 impact

Version

2.0

VectorString

AV:N/AC:L/Au:N/C:N/I:N/A:P

AccessVector

NETWORK

AccessComplexity

LOW

Authentication

NONE

ConfidentialityImpact

NONE

IntegrityImpact

NONE

AvailabilityImpact

PARTIAL

BaseScore

5

Created by Yello
About Severity.io