CVE-2007-6053 - IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, w

CVE-2007-6053

Summary

IBM DB2 UDB 9.1 before Fixpak 4 does not properly handle use of large numbers of file descriptors, which might allow attackers to have an unknown impact involving "memory corruption." NOTE: the vendor description of this issue is too vague to be certain that it is security-related.

References

Vulnerable Configurations

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*
cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*
cpe:2.3:o:unix:unix:*:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:*:*:fp3a:*:*:*:*:*
cpe:2.3:a:ibm:db2_universal_database:*:*:fp3a:*:*:*:*:*

CVSS

Base:	9.3 (as of 08-03-2011 - 03:01)
Impact:
Exploitability:

CWE

CWE-399

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:C/I:C/A:C

refmap via4

aixapar	IZ04039
bid	26450
confirm	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
vupen	ADV-2007-3867

Last major update

08-03-2011 - 03:01

Published

20-11-2007 - 20:46

Last modified

08-03-2011 - 03:01