Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3853

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-3853
Last Modified 05 Jun 2009 01:20:32
Published 28 Aug 2008 01:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-3853

Summary

Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676.

Vulnerable Systems

Application

  • Ibm Db2 Universal Database 9.1


References

BID - 29601

CONFIRM - http://www-1.ibm.com/support/docview.wss?uid=swg21255607

AIXAPAR - IZ12379

XF - ibm-db2-das-bo(45141)

AIXAPAR - IZ12406

SECUNIA - 29784

CONFIRM - ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT


Last Updated: 27 May 2016 10:48:19