Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3852

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2008-3852
Last Modified 07 Mar 2011 12:00:00
Published 28 Aug 2008 01:41:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2008-3852

Summary

Unspecified vulnerability in the CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio in the Visual Studio Net component in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 2 allows remote authenticated users to execute arbitrary code via unknown vectors.

Vulnerable Systems

Application

  • Ibm Db2 Universal Database 9.1

  • Ibm Db2 Universal Database 9.5


References

XF - ibm-db2-clr-unspecified(42927)

XF - ibm-db2-clr-visualstudio-unspecified(44697)

VUPEN - ADV-2008-2445

VUPEN - ADV-2008-1769

SECTRACK - 1020761

BID - 29601

BUGTRAQ - 20080916 Team SHATTER Security Advisory: Security Vulnerability in CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=swg21293566

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=swg21255607

AIXAPAR - JR28432

AIXAPAR - JR28431

SECUNIA - 31635

SECUNIA - 30558


Last Updated: 27 May 2016 10:48:19