VULHUB ™

IBM DB2 is reported prone to a denial of service vulnerability when DTS to string conversion is carried out. It is reported that during a DTS to string conversion a trap occurs if an empty formatting string is provided. The vulnerability is exposed in the 'to_char' and 'to_date' conversion functions. This is one of the issues announced in BIDs 11089 and 11327. It is now being assigned its own BID since the vendor has provided additional technical information.

IBM DB2 is reported prone to a denial of service vulnerability when DTS to string conversion is carried out. It is reported that during a DTS to string conversion a trap occurs if an empty formatting string is provided. The vulnerability is exposed in the 'to_char' and 'to_date' conversion functions. This is one of the issues announced in BIDs 11089 and 11327. It is now being assigned its own BID since the vendor has provided additional technical information.