Vulnerabilities > CVE-2006-3067 - Denial-Of-Service vulnerability in IBM DB2 Universal Database 8.0/8.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Multiple unspecified vulnerabilities in IBM DB2 Universal Database (UDB) before 8.1 FixPak 12 allow remote attackers to cause a denial of service (application crash) via a (1) "long column list" in the (a) REPLACE INTO and (b) INSERT INTO portions of the LOAD command or a (2) large number of values in an IN clause, possibly related to a buffer overflow.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
References
- http://secunia.com/advisories/20579
- http://www.osvdb.org/27992
- http://www.osvdb.org/27993
- http://www.osvdb.org/29860
- http://www.vupen.com/english/advisories/2006/2332
- http://www-1.ibm.com/support/docview.wss?uid=swg1IY76767
- http://www-1.ibm.com/support/docview.wss?uid=swg1IY82725
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27099
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27101