IBM DB2 9.7 before FP10, 9.8 through FP5, 10.1 through FT4, and 10.5 through FP4 on Linux, UNIX, and Windows, when immediate AUTO_REVAL is enabled, allows remote authenticated users to cause a denial of service (daemon crash) via a crafted ALTER TABLE statement.

References

• https://nvd.nist.gov/vuln/detail/CVE-2014-6159
• https://exchange.xforce.ibmcloud.com/vulnerabilities/97708
• http://secunia.com/advisories/62092
• http://secunia.com/advisories/62093
• http://www-01.ibm.com/support/docview.wss?uid=swg1IT04730
• http://www-01.ibm.com/support/docview.wss?uid=swg1IT05074
• http://www-01.ibm.com/support/docview.wss?uid=swg1IT05105
• http://www-01.ibm.com/support/docview.wss?uid=swg1IT05132
• http://www-01.ibm.com/support/docview.wss?uid=swg21688051
• http://www-01.ibm.com/support/docview.wss?uid=swg21693197
• http://www.securityfocus.com/bid/71006