Vulnerability Description
Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a, when the connection concentrator is enabled, allows remote authenticated users to cause a denial of service (heap memory consumption) by using a different code page than the database server.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Db2 | 9.5 |
Related Weaknesses (CWE)
References
- ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARL
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC68182
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARL
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC68182
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2010-3736?
CVE-2010-3736 is a vulnerability with a CVSS score of 4.0 (MEDIUM). Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a, when the connection concentrator is enabled, allows remote authenticated users to cause a denial of service (heap ...
How severe is CVE-2010-3736?
CVE-2010-3736 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-3736?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Db2.