CVE-2016-0211

MEDIUM

IBM DB2 <10.5 - DoS

Title source: llm

Description

IBM DB2 9.7 through FP11, 9.8, 10.1 through FP5, and 10.5 through FP7 on Linux, UNIX, and Windows allows remote authenticated users to cause a denial of service (daemon crash) via a crafted DRDA message.

References (7)

[Various Sources] http://www-01.ibm.com/support/docview.wss?uid=swg1IT12462

[Various Sources] http://www-01.ibm.com/support/docview.wss?uid=swg1IT12487

[Various Sources] http://www-01.ibm.com/support/docview.wss?uid=swg1IT12488

[Various Sources] http://www-01.ibm.com/support/docview.wss?uid=swg1IT13350

[Vendor Advisory] http://www-01.ibm.com/support/docview.wss?uid=swg21979984

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/85979

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1035660

Scores

CVSS v3 4.3

EPSS 0.0155

EPSS Percentile 81.2%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Classification

CWE

CWE-20

Status draft

Affected Products (50)

ibm/db2

... and 35 more

Timeline

Published Apr 28, 2016

Tracked Since Feb 18, 2026