he host is installed with IBM DB2 UDB 9.5 before FP6a and is prone to denial of service vulnerability. A flaw is present in "Query Compiler, Rewrite, Optimizer" component in IBM DB2 which fails to authenticate a crafted query involving certain UNION ALL. Successful exploitation allow remote authenticated users to cause a denial of service (CPU consumption).