VYPR
← All advisories
Unrated severityNVD Advisory· Published Oct 5, 2010· Updated Apr 29, 2026

CVE-2010-3735

CVE-2010-3735

Description

The "Query Compiler, Rewrite, Optimizer" component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted query involving certain UNION ALL views, leading to an indefinitely large amount of compilation time.

Affected products

11
  • IBM/Db210 versions
    cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*+ 9 more
    • cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp4:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp4a:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp5:*:*:*:*:*:*
  • IBM/DB2 UDBllm-fuzzy
    Range: 9.5 < FP6a

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.