Denial of Service Vulnerability in IBM DB2 Content Manager for Local Users
CVE-2005-3568

Currently unrated

Key Information:

Vendor: IBM
Status: Db2 Content Manager
Vendor: CVE Published:; 16 November 2005

Summary

The db2fmp process in IBM DB2 Content Manager versions before 8.2 Fix Pack 10 is susceptible to a denial of service attack. Local users can exploit this vulnerability by importing a malformed Microsoft Excel file, which causes the text search process to enter a looping state, heavily consuming CPU resources. This can lead to system performance degradation and unavailability, as legitimate processes may struggle to obtain necessary CPU time.

References

http://www-1.ibm.com/support/docview.wss?uid=swg1IO00737

x_refsource_CONFIRM

https://exchange.xforce.ibmcloud.com/vulnerabilities/23088

vdb-entryx_refsource_XF

http://secunia.com/advisories/17388

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Nov 16, 2005
Vulnerability Reserved
Nov 16, 2005