{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"DB2 Connect Server.","product":{"name":"Db2","vendor":{"name":"IBM","scada":false}}},{"description":"DB2 Enterprise Server Edition ;","product":{"name":"Db2","vendor":{"name":"IBM","scada":false}}},{"description":"DB2 Workgroup Server ;","product":{"name":"Db2","vendor":{"name":"IBM","scada":false}}},{"description":"BD2 Express Server ;","product":{"name":"Db2","vendor":{"name":"IBM","scada":false}}},{"description":"DB2 Personnal Edition ;","product":{"name":"Db2","vendor":{"name":"IBM","scada":false}}}],"affected_systems_content":null,"content":"## Description\n\nDeux vuln\u00e9rabilit\u00e9s affectant IBM DB2 ont \u00e9t\u00e9 d\u00e9couvertes :\n\n-   la premi\u00e8re permet \u00e0 une personne malveillante d'effectuer un d\u00e9ni\n    de service \u00e0 distance via un flux de type CONNECT sp\u00e9cialement con\u00e7u\n    ;\n-   la seconde, non document\u00e9e, permet \u00e0 une personne distante via un\n    flux sp\u00e9cialement con\u00e7u d'effectuer un d\u00e9ni de service.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 IBM pour l'obtention des correctifs\n(cf. section Documentation).\n","cves":[],"links":[],"reference":"CERTA-2009-AVI-014","revisions":[{"description":"version initiale.","revision_date":"2009-01-14T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"}],"summary":"Deux vuln\u00e9rabilit\u00e9s dans IBM DB2 permettent \u00e0 une personne\nmalintentionn\u00e9e d'effectuer un d\u00e9ni de service \u00e0 distance.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans IBM DB2","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 IBM swg21363936 du 13 janvier 2009","url":"http://www-1.ibm.com/support/docview.wss?uid=swg21363936"}]}