CVE-2009-4325

The Client Interfaces component in IBM DB2 8.2 before FP18, 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not validate an unspecified pointer, which allows attackers to overwrite "external memory" via unknown vectors, related to a missing "check for null pointers."
References
Link Resource
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT Patch
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v97/APARLIST.TXT
http://secunia.com/advisories/37759 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IC64702
http://www-01.ibm.com/support/docview.wss?uid=swg1LI72709 Exploit Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1LI74500 Exploit Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1LI74504
http://www-01.ibm.com/support/docview.wss?uid=swg21293566 Patch Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21412902
http://www.securityfocus.com/bid/37332
http://www.vupen.com/english/advisories/2009/3520 Vendor Advisory
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT Patch
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v97/APARLIST.TXT
http://secunia.com/advisories/37759 Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1IC64702
http://www-01.ibm.com/support/docview.wss?uid=swg1LI72709 Exploit Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1LI74500 Exploit Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg1LI74504
http://www-01.ibm.com/support/docview.wss?uid=swg21293566 Patch Vendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21412902
http://www.securityfocus.com/bid/37332
http://www.vupen.com/english/advisories/2009/3520 Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:db2:8.2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp1:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp10:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp11:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp12:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp13:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp14:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp15:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp16:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp17:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp2:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp3:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp4:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp5:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp6:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp7:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp8:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.2:fp9:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp3a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp4a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp5:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp6:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp6a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp7:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*

History

21 Nov 2024, 01:09

Type Values Removed Values Added
References () ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT - Patch () ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT - Patch
References () ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT - () ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT -
References () ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT - () ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT -
References () ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v97/APARLIST.TXT - () ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v97/APARLIST.TXT -
References () http://secunia.com/advisories/37759 - Vendor Advisory () http://secunia.com/advisories/37759 - Vendor Advisory
References () http://www-01.ibm.com/support/docview.wss?uid=swg1IC64702 - () http://www-01.ibm.com/support/docview.wss?uid=swg1IC64702 -
References () http://www-01.ibm.com/support/docview.wss?uid=swg1LI72709 - Exploit, Vendor Advisory () http://www-01.ibm.com/support/docview.wss?uid=swg1LI72709 - Exploit, Vendor Advisory
References () http://www-01.ibm.com/support/docview.wss?uid=swg1LI74500 - Exploit, Vendor Advisory () http://www-01.ibm.com/support/docview.wss?uid=swg1LI74500 - Exploit, Vendor Advisory
References () http://www-01.ibm.com/support/docview.wss?uid=swg1LI74504 - () http://www-01.ibm.com/support/docview.wss?uid=swg1LI74504 -
References () http://www-01.ibm.com/support/docview.wss?uid=swg21293566 - Patch, Vendor Advisory () http://www-01.ibm.com/support/docview.wss?uid=swg21293566 - Patch, Vendor Advisory
References () http://www-01.ibm.com/support/docview.wss?uid=swg21412902 - () http://www-01.ibm.com/support/docview.wss?uid=swg21412902 -
References () http://www.securityfocus.com/bid/37332 - () http://www.securityfocus.com/bid/37332 -
References () http://www.vupen.com/english/advisories/2009/3520 - Vendor Advisory () http://www.vupen.com/english/advisories/2009/3520 - Vendor Advisory

Information

Published : 2009-12-16 18:30

Updated : 2024-11-21 01:09


NVD link : CVE-2009-4325

Mitre link : CVE-2009-4325

CVE.ORG link : CVE-2009-4325


JSON object : View

Products Affected

ibm

  • db2
CWE
CWE-20

Improper Input Validation