Vulnerability Description
The chaining functionality in the Distributed Relational Database Architecture (DRDA) module in IBM DB2 9.7 before FP6 and 9.8 before FP5 allows remote attackers to cause a denial of service (NULL pointer dereference, and resource consumption or daemon crash) via a crafted request.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Db2 | 9.7 |
References
- http://www.ibm.com/support/docview.wss?uid=swg1IC82234Vendor Advisory
- http://www.ibm.com/support/docview.wss?uid=swg1IC82367
- http://www.ibm.com/support/docview.wss?uid=swg21597090Vendor Advisory
- http://www.securityfocus.com/bid/53873
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75418
- http://www.ibm.com/support/docview.wss?uid=swg1IC82234Vendor Advisory
- http://www.ibm.com/support/docview.wss?uid=swg1IC82367
- http://www.ibm.com/support/docview.wss?uid=swg21597090Vendor Advisory
- http://www.securityfocus.com/bid/53873
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75418
FAQ
What is CVE-2012-2180?
CVE-2012-2180 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The chaining functionality in the Distributed Relational Database Architecture (DRDA) module in IBM DB2 9.7 before FP6 and 9.8 before FP5 allows remote attackers to cause a denial of service (NULL poi...
How severe is CVE-2012-2180?
CVE-2012-2180 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-2180?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Db2.