IBM DB2 8.1 before FixPak 14 allows remote attackers to cause a denial of service via a crafted SQLJRA packet, which causes a NULL pointer dereference in the sqle_db2ra_as_recvrequest function in DB2ENGN.DLL, a different issue than CVE-2006-4257.
2006-12-19T20:28:00.000
2025-04-09T00:30:58.490
Deferred
CVSSv2: 5.0 (MEDIUM)
AV:N/AC:L/Au:N/C:N/I:N/A:P
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | ibm | db2_universal_database | 8.1 | Yes |
| Application | ibm | db2_universal_database | 8.1.4 | Yes |
| Application | ibm | db2_universal_database | 8.1.5 | Yes |
| Application | ibm | db2_universal_database | 8.1.6 | Yes |
| Application | ibm | db2_universal_database | 8.1.6c | Yes |
| Application | ibm | db2_universal_database | 8.1.7 | Yes |
| Application | ibm | db2_universal_database | 8.1.7b | Yes |
| Application | ibm | db2_universal_database | 8.1.8 | Yes |
| Application | ibm | db2_universal_database | 8.1.8a | Yes |
| Application | ibm | db2_universal_database | 8.1.9 | Yes |
| Application | ibm | db2_universal_database | 8.1.9a | Yes |
| Application | ibm | db2_universal_database | 8.10 | Yes |
| Application | ibm | db2_universal_database | 8.12 | Yes |