Description
Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vendor.
Product(s):
- IBM DB2 Universal Database 6.0
- IBM DB2 Universal Database 7.0 on Linux
- IBM DB2 Universal Database 7.1 on Linux
- IBM DB2 Universal Database 7.2 on Linux
- IBM DB2 Universal Database 8.0 linux
- IBM DB2 Universal Database 8.1 on AIX
- IBM DB2 Universal Database 8.2 for Windows
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2005-0417, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2005-0417 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.