Denial of service vulnerability in the Net Search Extender (NSE) implementation in the Text Search component in IBM DB2 UDB 9.5 before FP6aID: oval:org.secpod.oval:def:652 | Date: (C)2011-04-08 (M)2022-10-10 |
Class: VULNERABILITY | Family: windows |
The host is installed with IBM DB2 UDB 9.5 before FP6a and is prone to denial of service vulnerability. A flaw is present in Net Search Extender (NSE) implementation in the Text Search component in IBM DB2 which does not properly handle an alphanumeric fuzzy search. Successful exploitation allow remote authenticated users to cause a denial of service (memory consumption and system hang) via the db2ext.textSearch function.
Platform: |
Microsoft Windows 7 |
Microsoft Windows Server 2003 |
Microsoft Windows Server 2008 |
Microsoft Windows Vista |
Microsoft Windows XP |