漏洞编号: IZ39373 漏洞描述: A malicious, malformed data stream sent to a DB2 server can cause the server to trap. However, the malformed data stream is only effective after a valid DB2 authentication has occurred. A regular DB2 client cannot flow the malformed data stream under regular use or accidental use. 受影响的用户: All DB2 servers on all Linux, Unix and Windows platforms at service levels from Version 9.1 GA through to Version 9.1 Fix Pack 6. 修复措施: The complete fix for this problem first appears in DB2 Version 9.1 Fix Pack 6a and all the subsequent Fix Packs. 临时解决办法: None. 漏洞状态: Closed 漏洞类别: Programming Error - Fix provided (PER) 是否有修复: Yes, Fixes are available. 相关文档信息: - Product: Db2 Linux, Unix and Windows - Software version: 9.1.0 - Document number: DT193296 - Date of update: August 05, 2023, 08:28 GMT+2 漏洞信息: - APAR Number: IZ39373 - Reported component name: DB2 UDB ESE AIX - Reported component id: 5765F4100 - Reported component release: 910 - Fixed error type: Fix in Error - PE type: NoPE - HIPER level: NoHIPER - Special attention: NoSpecatt - Submit date: December 04, 2008 - Closed date: February 13, 2009 - Latest update date: August 05, 2023 - DB2 Version 9.1 Fix Pack 7a for Linux, UNIX and Windows: ibm.com/support/pages/node/305607 - DB2 Version 9.1 Fix Pack 7 for Linux, UNIX and Windows: ibm.com/support/pages/node/576873 - DB2 Version 9.1 Fix Pack 8 for Linux, UNIX and Windows: ibm.com/support/pages/node/305795 - DB2 Version 9.1 Fix Pack 9 for Linux, UNIX and Windows: ibm.com/support/pages/node/306887 - DB2 Version 9.1 Fix Pack 11 for Linux, UNIX and Windows: ibm.com/support/pages/node/310339 - DB2 Version 9.1 Fix Pack 12 for Linux, UNIX and Windows: ibm.com/support/pages/node/311735 - DB2 Version 9.1 Fix Pack 6a for Linux, UNIX and Windows: ibm.com/support/pages/node/576527