Vulnerability Description
IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger memory corruption. NOTE: the vendor description of this issue is too vague to be certain that it is security-related.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Db2 | <= 9.1 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/27177PatchVendor Advisory
- http://www-1.ibm.com/support/docview.wss?rs=71&uid=swg21283031Patch
- http://www-1.ibm.com/support/docview.wss?uid=swg21255607
- http://www.ibm.com/support/docview.wss?uid=swg1LI72519
- http://www.securityfocus.com/bid/26450
- http://www.vupen.com/english/advisories/2007/3538Vendor Advisory
- http://www.vupen.com/english/advisories/2007/3867Vendor Advisory
- http://secunia.com/advisories/27177PatchVendor Advisory
- http://www-1.ibm.com/support/docview.wss?rs=71&uid=swg21283031Patch
- http://www-1.ibm.com/support/docview.wss?uid=swg21255607
- http://www.ibm.com/support/docview.wss?uid=swg1LI72519
- http://www.securityfocus.com/bid/26450
- http://www.vupen.com/english/advisories/2007/3538Vendor Advisory
- http://www.vupen.com/english/advisories/2007/3867Vendor Advisory
FAQ
What is CVE-2007-5652?
CVE-2007-5652 is a vulnerability with a CVSS score of 7.8 (HIGH). IBM DB2 UDB 9.1 before Fixpak 4 does not properly manage storage of a list containing authentication information, which might allow attackers to cause a denial of service (instance crash) or trigger m...
How severe is CVE-2007-5652?
CVE-2007-5652 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-5652?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Db2.