CVE-2009-0173

Description

Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream.

References

Link	Tags
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
http://securitytracker.com/id?1021591	vdb entry
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652	vendor advisory
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373	patch vendor advisory
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
https://exchange.xforce.ibmcloud.com/vulnerabilities/47934	vdb entry
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653	patch vendor advisory
http://secunia.com/advisories/33529	third party advisory vendor advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21363936	patch vendor advisory
http://www.vupen.com/english/advisories/2009/0137	vdb entry
http://www.securityfocus.com/bid/33258	vdb entry

Frequently Asked Questions

What is the severity of CVE-2009-0173?: CVE-2009-0173 has been scored as a medium severity vulnerability.
How to fix CVE-2009-0173?: To fix CVE-2009-0173, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2009-0173 being actively exploited in the wild?: It is possible that CVE-2009-0173 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~2% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-20 – Improper Input Validation

References

Frequently Asked Questions