Total vulnerabilities in the database
IBM DB2 Universal Database (UDB) before 8.1 FixPak 13 allows remote authenticated users to cause a denial of service (crash) by (1) sending the first ACCSEC command without an RDBNAM parameter during the CONNECT process, or (2) sending crafted SQLJRA packet, which results in a null dereference.
| Software | From | Fixed in |
|---|---|---|
| ibm / db2 | 8.1.8 | 8.1.8.x |
| ibm / db2 | 8.1.8a | 8.1.8a.x |
| ibm / db2 | 8.1.7b | 8.1.7b.x |
| ibm / db2 | 8.1.9a | 8.1.9a.x |
| ibm / db2 | 8.1.7 | 8.1.7.x |
| ibm / db2 | 8.1.6 | 8.1.6.x |
| ibm / db2 | 8.12 | 8.12.x |
| ibm / db2 | 8.1.4 | 8.1.4.x |
| ibm / db2 | 8.1.9 | 8.1.9.x |
| ibm / db2 | 8.1.5 | 8.1.5.x |
| ibm / db2 | 8.0 | 8.0.x |
| ibm / db2 | 8.1.6c | 8.1.6c.x |
| ibm / db2 | 8.2 | 8.2.x |
| ibm / db2 | 8.1 | 8.1.x |
| ibm / db2 | 8.10 | 8.10.x |