CVE-2014-6210

Currently unrated

Key Information:

Vendor: IBM
Status: Db2 Connect; Db2
Vendor: CVE Published:; 12 December 2014

Summary

IBM DB2 9.7 through FP10, 9.8 through FP5, 10.1 through FP4, and 10.5 before FP5 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) by specifying the same column within multiple ALTER TABLE statements.

References

http://www-01.ibm.com/support/docview.wss?uid=swg1IT05652

vendor-advisoryx_refsource_AIXAPAR

http://secunia.com/advisories/62092

third-party-advisoryx_refsource_SECUNIA

http://www-01.ibm.com/support/docview.wss?uid=swg1IT05651

vendor-advisoryx_refsource_AIXAPAR

EPSS Score

17% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 12, 2014
Vulnerability Reserved
Sep 2, 2014