Vulnerability-Lookup - Search a vulnerability

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

FKIE_CVE-2010-3739

Vulnerability from fkie_nvd - Published: 2010-10-05 18:00 - Updated: 2025-04-11 00:51

Severity ?

Summary

The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery.

References

URL	Tags
cve@mitre.org	ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	*
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp6:*:*:*:*:*:*",
              "matchCriteriaId": "1981C2E5-E186-48A7-B977-7FB8A7DBB6EE",
              "versionEndIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01421A6-B4B4-4F86-87D3-B11AEC1258CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:*:*:*:*:*:*",
              "matchCriteriaId": "5B561679-68AF-4586-919A-83D47195F9FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp2:*:*:*:*:*:*",
              "matchCriteriaId": "D66FF5FC-E01A-4DE9-B344-FA20941C806B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp2a:*:*:*:*:*:*",
              "matchCriteriaId": "430BE300-8260-4966-A282-B69C67B6511C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp3:*:*:*:*:*:*",
              "matchCriteriaId": "83FB7558-610A-4218-A347-74E1BF4509CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp3a:*:*:*:*:*:*",
              "matchCriteriaId": "DCA815B1-EF9D-4F43-A51E-2E808FE124C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp3b:*:*:*:*:*:*",
              "matchCriteriaId": "F4EB46DD-C3DF-4509-9B2E-AFEF7F3EA0D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp4:*:*:*:*:*:*",
              "matchCriteriaId": "ECF24F65-D158-4627-8E0C-C700CCF803D7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp4a:*:*:*:*:*:*",
              "matchCriteriaId": "0445F99B-1AC4-43CE-85EF-7F0BC1AA093D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp5:*:*:*:*:*:*",
              "matchCriteriaId": "61533220-2A4F-4BEE-A6BA-27AF0CB2998E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery."
    },
    {
      "lang": "es",
      "value": "La caracter\u00edstica de auditor\u00eda en el componente de seguridad de IBM DB2 UDB v9.5 antes de FP6a utiliza la configuraci\u00f3n de auditor\u00eda a nivel de instancia para capturar los eventos de conexi\u00f3n (tambi\u00e9n conocidos como CONNECT y AUTHENTICATION) en determinadas circunstancias, lo que podr\u00eda hacer m\u00e1s f\u00e1cil a atacantes remotos a la hora de conectarse sin ser descubiertos."
    }
  ],
  "id": "CVE-2010-3739",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-10-05T18:00:33.487",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-287"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2009-4150

Vulnerability from fkie_nvd - Published: 2009-12-02 11:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/36890	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/37454	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1023242
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21386689	Patch, Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21403619	Patch, Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2009/3340	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36890	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/37454	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1023242
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21386689	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21403619	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/3340	Vendor Advisory

Impacted products

Vendor	Product	Version
ibm	db2	9.1
ibm	db2	9.1
ibm	db2	9.1
ibm	db2	9.1
ibm	db2	9.1
ibm	db2	9.1
ibm	db2	9.1
ibm	db2	9.1
ibm	db2	9.1
ibm	db2	9.5
ibm	db2	9.5
ibm	db2	9.5
ibm	db2	9.5
ibm	db2	9.5
ibm	db2	9.5
ibm	db2	9.7
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*",
              "matchCriteriaId": "2AF419E7-F2B5-4E2A-B85D-C0EC6C1DEA4F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:*",
              "matchCriteriaId": "95BBA3F1-C276-4C30-BFE5-9CE212BEBEFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:*",
              "matchCriteriaId": "4DF01163-F805-4FC8-9836-462034D1B5CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp3a:*:*:*:*:*:*",
              "matchCriteriaId": "E570E88C-35F8-4E12-8121-20536AC8A0AB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:*",
              "matchCriteriaId": "757E30FB-2EFB-4B3D-9931-17D584D433A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp5:*:*:*:*:*:*",
              "matchCriteriaId": "47455B4A-6E10-417F-9974-B0AA7F3180FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp6:*:*:*:*:*:*",
              "matchCriteriaId": "84156C5B-EFC6-4733-A868-C3C51CFBA7CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp6a:*:*:*:*:*:*",
              "matchCriteriaId": "FA8ABABB-F84D-41F0-A894-56911AF6E7E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp7:*:*:*:*:*:*",
              "matchCriteriaId": "3D511307-1EBB-408B-BCDE-C6BEFCF154C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:*",
              "matchCriteriaId": "58147402-53D5-4F15-862B-EE3DCCD75E2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:*",
              "matchCriteriaId": "D3F3CB5E-D4FB-4C03-B108-06CC358B1F45",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:*",
              "matchCriteriaId": "CB2EA14A-878A-4D8D-B17A-568712D21C48",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:*",
              "matchCriteriaId": "84C925CD-E753-401F-9EC0-6E3D9861C818",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:*",
              "matchCriteriaId": "651D042C-A9F1-42D1-A6DD-95ADBCD08448",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:*",
              "matchCriteriaId": "0A589323-B8B8-4CB4-B1A9-B9E771C99123",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BB95F92-EA60-4301-99AD-AC8DA2491086",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp1:aix:*:*:*:*:*",
              "matchCriteriaId": "E9D53A45-A270-47A6-8E52-4EFD20B60454",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp1:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1DC0FD0B-BB91-4881-8BEF-2FF5DEE799FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp1:linux:*:*:*:*:*",
              "matchCriteriaId": "C4D89C55-70BA-4DEB-A3CB-93F1F01BBB8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp10:aix:*:*:*:*:*",
              "matchCriteriaId": "F805BA54-A413-46EC-A1C0-EEE5A8FB3C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp10:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "DAA10457-D52B-4AE5-8635-E072B5E25662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp10:linux:*:*:*:*:*",
              "matchCriteriaId": "F9EF7B04-D200-4648-AD26-D78BD8B032FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp10:solaris:*:*:*:*:*",
              "matchCriteriaId": "EB3DA89D-B79A-4B02-A287-C505D1FE8004",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp11:aix:*:*:*:*:*",
              "matchCriteriaId": "D52430A4-018F-4342-A1F5-4093CBBCFFED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp11:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "7A1C82E1-F8EF-40CD-ACDD-081FFC268FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp11:linux:*:*:*:*:*",
              "matchCriteriaId": "C1B22E99-C013-49B3-BE3E-DB9DB685CA03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp11:solaris:*:*:*:*:*",
              "matchCriteriaId": "9173E3FB-1DA9-4DD8-A08F-8A730BEB27B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp12:aix:*:*:*:*:*",
              "matchCriteriaId": "58D0932B-A52A-48BB-ADFB-AEB17FCF69E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp12:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "F63AA153-396F-43AC-8CB0-8E27F119FF5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp12:linux:*:*:*:*:*",
              "matchCriteriaId": "7C132382-0C33-4E9B-878B-2C626D34DB10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp12:solaris:*:*:*:*:*",
              "matchCriteriaId": "C1C093DF-FCD2-47FC-8C8E-1468A5FA06B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp13:aix:*:*:*:*:*",
              "matchCriteriaId": "27E209D3-741C-4BD6-AE5A-A52C0C0EAEA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp13:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "AA4A6254-B6BB-42DB-9E2F-7AA960AD8C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp13:linux:*:*:*:*:*",
              "matchCriteriaId": "BEBC3282-413E-4A0C-BDEA-B5671BF51F71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp13:solaris:*:*:*:*:*",
              "matchCriteriaId": "45802AC3-78BB-4190-AB93-B67F586B94C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp14:aix:*:*:*:*:*",
              "matchCriteriaId": "99270F25-D30F-4120-9FA2-35C39CEEC8B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp14:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "BDD49D30-7ACF-4A33-B92D-C66BE9929BE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp14:linux:*:*:*:*:*",
              "matchCriteriaId": "3664CEE2-0449-452B-A934-170F0349A57C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp14:solaris:*:*:*:*:*",
              "matchCriteriaId": "4A9A7663-3322-45A9-A5D8-E0970336F68D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp15:aix:*:*:*:*:*",
              "matchCriteriaId": "D6B6EAB4-5A66-4BEB-B38B-DA0124DD6F57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp15:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "9BC307F3-A9A0-4C48-8983-64B1B237AAF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp15:linux:*:*:*:*:*",
              "matchCriteriaId": "44C9C5AF-26E2-4C0F-9816-0CF3EE02A838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp15:solaris:*:*:*:*:*",
              "matchCriteriaId": "68018945-8F40-436E-9981-4C3B62EAD28E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp16:aix:*:*:*:*:*",
              "matchCriteriaId": "09E620E2-55BF-480C-9698-113505F90BFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp16:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "B74F7B8A-0E7C-4190-AF4E-2389F18997E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp16:linux:*:*:*:*:*",
              "matchCriteriaId": "9263F04B-FF63-4DF7-8C77-C6CE7B67BFD2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp16:solaris:*:*:*:*:*",
              "matchCriteriaId": "F88DCFD5-CB47-49C9-99CD-8D46827A02B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "A24425DA-1FAC-43BC-86F3-1E561277AF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp2:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "23BB5DCC-CC6E-4118-B0D4-DEE6EA54D05A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "E6097C8C-41B1-4CC8-AAD3-3731D103093B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "1DF33116-6CB4-48B2-BF23-632F185EB7CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "6A3A0A74-100A-4B37-8D45-3F59FE403D63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp3:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "741D3457-DA96-4AF1-A036-7FAF640C8D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "D55F0E1F-2905-4ABC-9A9B-FF62299F679D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "12EB2606-33BE-4253-94B7-43E76F0BB430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "55E1A553-1786-489D-9BE2-60D7348FD8F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "E8C502A3-56DA-4104-BCAC-3E5D454D49F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "F98FA787-A7E7-45BA-A3DC-F25C2FC74A10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "2C8DA7D4-0375-412A-9DDF-E31D6D1CD5C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4a:aix:*:*:*:*:*",
              "matchCriteriaId": "58F68270-C74E-415E-A8C1-3FE5940B8DD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "F677E182-A145-42D0-8580-8467279938CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "D02E2CF9-CE08-4B0B-ADD5-1A9AE7DE8B62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4a:solaris:*:*:*:*:*",
              "matchCriteriaId": "AB99106D-14C9-4E95-92BA-0DDF1EF48B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp5:aix:*:*:*:*:*",
              "matchCriteriaId": "36A0742E-E958-4328-B9A8-2D4BA883926F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp5:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "13FE19E6-67FD-450F-9129-8DCF4707C0BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp5:linux:*:*:*:*:*",
              "matchCriteriaId": "8A8E27E2-4470-40B6-BE35-3B96D375D891",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp5:solaris:*:*:*:*:*",
              "matchCriteriaId": "045B87AF-476D-4A13-88E4-C0ADF8F1374D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6:aix:*:*:*:*:*",
              "matchCriteriaId": "16E17C4B-C233-4C27-90DF-34802571EFBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "B2C32CFE-2C37-44B4-B05F-B4B41ADEEB17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6:linux:*:*:*:*:*",
              "matchCriteriaId": "A32039C1-C940-4ACC-8236-6C48286CD8EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6:solaris:*:*:*:*:*",
              "matchCriteriaId": "9E792924-8741-42EA-B091-521A8D806393",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6a:aix:*:*:*:*:*",
              "matchCriteriaId": "1BCDD273-AA59-427A-A13C-21D2D18862C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "63FB9C7D-72AB-40B8-B9A0-107707AB970D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6a:linux:*:*:*:*:*",
              "matchCriteriaId": "BFDEB3C4-261D-4A44-898F-0972C4E0BADD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6a:solaris:*:*:*:*:*",
              "matchCriteriaId": "711D578D-53FA-4FE3-87D4-49E8A6B27645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6b:aix:*:*:*:*:*",
              "matchCriteriaId": "8AC7F72B-8BC0-4186-9EA7-B1B4CF4DE029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6b:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "492DF384-0687-409F-A416-D545E3CA4B1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6b:linux:*:*:*:*:*",
              "matchCriteriaId": "A1ACA5ED-C596-48A4-A60F-AF29457D8E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6b:solaris:*:*:*:*:*",
              "matchCriteriaId": "17C07869-F96F-409A-A5A8-DAEF37513442",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6c:aix:*:*:*:*:*",
              "matchCriteriaId": "0A7DFEC9-AF38-457A-A4E6-77EFFDEC6E8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6c:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "BEF40CF8-4858-4AD2-9136-B9E7742609E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6c:linux:*:*:*:*:*",
              "matchCriteriaId": "02AEA3AF-76F2-479E-97FF-259228157219",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6c:solaris:*:*:*:*:*",
              "matchCriteriaId": "D9C4CF66-D4BA-4C00-8891-BEEB0DD665A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7:aix:*:*:*:*:*",
              "matchCriteriaId": "28589727-AE9E-4181-8B41-46192B593E98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "F458C66B-ACE1-4315-A8CC-4CEFAD41028D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7:linux:*:*:*:*:*",
              "matchCriteriaId": "83642434-B93C-450B-99EA-270008B4E37D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7:solaris:*:*:*:*:*",
              "matchCriteriaId": "F2AD8AC6-239A-4CFE-9D9E-8A841A867725",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7a:aix:*:*:*:*:*",
              "matchCriteriaId": "5187C464-0B04-4D29-8700-F4D9359F0564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "9A1A163A-AA78-48E1-9C86-C8A1A1A29929",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7a:linux:*:*:*:*:*",
              "matchCriteriaId": "20AC001E-4C76-42CB-A8BC-790BD0C39F98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7a:solaris:*:*:*:*:*",
              "matchCriteriaId": "4B4F776B-5914-4BDE-9C2F-84E3795FA788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7b:aix:*:*:*:*:*",
              "matchCriteriaId": "11D13957-FDE1-4B00-8753-BA94C0DAA249",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7b:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "C18FB58D-6EC6-4CDD-912B-18A17F7E957B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7b:linux:*:*:*:*:*",
              "matchCriteriaId": "2045E0EA-B405-4BF0-A817-34E79317F46F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7b:solaris:*:*:*:*:*",
              "matchCriteriaId": "4541F041-F2F4-4491-BDBE-4215A75E832C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8:aix:*:*:*:*:*",
              "matchCriteriaId": "2F7D3287-9D4C-4AA7-8232-3543369397CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "BA5B0AA2-E067-4FFF-ADE1-145D8A1C1B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8:linux:*:*:*:*:*",
              "matchCriteriaId": "0C35EA9D-DEFE-4B81-B5C9-51103273F661",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8:solaris:*:*:*:*:*",
              "matchCriteriaId": "C92BCF46-BEBF-433C-A095-44E6F7A16E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8a:aix:*:*:*:*:*",
              "matchCriteriaId": "308D7247-F21E-4199-BA14-FE318637F3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "84E99600-0016-4FD9-BFC9-D2CD913012BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8a:linux:*:*:*:*:*",
              "matchCriteriaId": "0CBA4D6B-4C07-4780-8760-00F82D0016E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8a:solaris:*:*:*:*:*",
              "matchCriteriaId": "332C4CED-4E32-48C6-BF91-43409E0C7D8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9:aix:*:*:*:*:*",
              "matchCriteriaId": "1F5AD43F-1D06-447F-8B66-89207DE3AECA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "CEC1C774-2AD9-4EBA-AB11-70135F20D006",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9:linux:*:*:*:*:*",
              "matchCriteriaId": "5CE1E38B-FEA7-45CE-A50E-A4670AB925EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9:solaris:*:*:*:*:*",
              "matchCriteriaId": "BDC3F77B-9C7C-4D56-B575-FFFF0AD51E3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9a:aix:*:*:*:*:*",
              "matchCriteriaId": "F9D03647-B68E-4950-A718-7E83135A8BE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "27F207B6-B5E8-4972-B315-106F4903B8B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9a:linux:*:*:*:*:*",
              "matchCriteriaId": "C934F5CD-7E30-497E-9DD8-BB92646B81E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9a:solaris:*:*:*:*:*",
              "matchCriteriaId": "43D68C54-E197-43AD-94CF-AA2CF1B2D76C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors."
    },
    {
      "lang": "es",
      "value": "dasauto en IBM DB2 v8 anterior a FP18, v9.1 anterior a FP8, v9.5 anterior a FP4, y v9.7 anterior a FP1, permite la ejecuci\u00f3n a trav\u00e9s de cuentas de usuario sin privilegios, lo que tiene un impacto y vectores de ataque no especificados."
    }
  ],
  "id": "CVE-2009-4150",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-12-02T11:30:00.627",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36890"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37454"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1023242"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21386689"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403619"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3340"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36890"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/37454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1023242"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21386689"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403619"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2009/3340"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2009-0172

Vulnerability from fkie_nvd - Published: 2009-01-16 21:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream.

References

URL	Tags
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
cve@mitre.org	http://secunia.com/advisories/33529	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1021591
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21363936	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697	Patch, Vendor Advisory
cve@mitre.org	http://www.securityfocus.com/bid/33258	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0137
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/47931
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33529	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1021591
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21363936	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33258	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0137
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/47931

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "A96437C6-D2C6-46BC-BC2D-078F6131E8E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "9446F75C-BE15-4DAE-9B96-E80F0EF24C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:*:*:*:*:*:*",
              "matchCriteriaId": "06EA7251-AF53-4A63-B469-97A1316FCFFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:windows:*:*:*:*:*",
              "matchCriteriaId": "CC92F759-749C-4E6A-83B3-C8ADB333054F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:*:*:*:*:*:*",
              "matchCriteriaId": "6E9595EC-7222-4737-96B8-80847399CFF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "3F54309A-BA0E-447A-A115-DDBC20F6B2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "C518666C-29DE-45C0-A68D-74B5E2CEBBBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:windows:*:*:*:*:*",
              "matchCriteriaId": "A3BD177C-6CF6-463D-8999-830DA1BF3E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:*:*:*:*:*:*",
              "matchCriteriaId": "74479A15-2388-4FBA-AE83-1692F22122E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "7D21AED3-42E7-4C07-8DD3-4DFCC40E1460",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "240239CD-9E05-46E0-A42C-13DB5EE8F436",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:windows:*:*:*:*:*",
              "matchCriteriaId": "77828856-BFE6-4D31-90C1-CDB189BA95AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:ga:*:*:*:*:*:*",
              "matchCriteriaId": "E3422821-0C01-4502-AD99-0AFE73751B3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01421A6-B4B4-4F86-87D3-B11AEC1258CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:aix:*:*:*:*:*",
              "matchCriteriaId": "55D8F159-5A2D-4CB6-A7B9-7DCF8A9B82C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "F7E8AA7B-4E40-41B9-8940-95B5F00E11DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:linux:*:*:*:*:*",
              "matchCriteriaId": "C91A9870-C75D-4B49-B1F5-E9CF054D3CA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "B7C7E16D-AC11-4FC0-9534-799926E525EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:windows:*:*:*:*:*",
              "matchCriteriaId": "C1B953D1-0B8F-4C6F-8485-E5E942593015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:aix:*:*:*:*:*",
              "matchCriteriaId": "2098CCDC-1F4B-44AC-976E-E31FED8AD976",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "87FFA2D9-8544-4B12-B02E-8B2198CB3621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:linux:*:*:*:*:*",
              "matchCriteriaId": "BDDEF993-94F0-431F-AC23-86EE3089F61B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:solaris:*:*:*:*:*",
              "matchCriteriaId": "652E829C-0886-4FD6-9513-C1AD844E30AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:windows:*:*:*:*:*",
              "matchCriteriaId": "99A3B7D1-8467-4B9B-ACAC-2D265386F2D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en IBM DB2 v9.1 anterior a FP6a y 9.5 anterior a FP3a permite a atacantes remotos causar denegaci\u00f3n de servicio a trav\u00e9s de una secuencia de datos CONNECT manipulada."
    }
  ],
  "id": "CVE-2009-0172",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-01-16T21:30:03.593",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33529"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1021591"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/33258"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/0137"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47931"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33529"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021591"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/33258"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0137"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47931"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2009-0173

Vulnerability from fkie_nvd - Published: 2009-01-16 21:30 - Updated: 2025-04-09 00:30

Severity ?

Summary

Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream.

References

URL	Tags
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
cve@mitre.org	http://secunia.com/advisories/33529	Vendor Advisory
cve@mitre.org	http://securitytracker.com/id?1021591
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21363936	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653	Patch
cve@mitre.org	http://www.securityfocus.com/bid/33258
cve@mitre.org	http://www.vupen.com/english/advisories/2009/0137
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/47934
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/33529	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1021591
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21363936	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/33258
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2009/0137
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/47934

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "A96437C6-D2C6-46BC-BC2D-078F6131E8E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "9446F75C-BE15-4DAE-9B96-E80F0EF24C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:*:*:*:*:*:*",
              "matchCriteriaId": "06EA7251-AF53-4A63-B469-97A1316FCFFF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:windows:*:*:*:*:*",
              "matchCriteriaId": "CC92F759-749C-4E6A-83B3-C8ADB333054F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:*:*:*:*:*:*",
              "matchCriteriaId": "6E9595EC-7222-4737-96B8-80847399CFF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "3F54309A-BA0E-447A-A115-DDBC20F6B2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "C518666C-29DE-45C0-A68D-74B5E2CEBBBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:windows:*:*:*:*:*",
              "matchCriteriaId": "A3BD177C-6CF6-463D-8999-830DA1BF3E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:*:*:*:*:*:*",
              "matchCriteriaId": "74479A15-2388-4FBA-AE83-1692F22122E5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "7D21AED3-42E7-4C07-8DD3-4DFCC40E1460",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "240239CD-9E05-46E0-A42C-13DB5EE8F436",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:windows:*:*:*:*:*",
              "matchCriteriaId": "77828856-BFE6-4D31-90C1-CDB189BA95AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:ga:*:*:*:*:*:*",
              "matchCriteriaId": "E3422821-0C01-4502-AD99-0AFE73751B3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F01421A6-B4B4-4F86-87D3-B11AEC1258CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:aix:*:*:*:*:*",
              "matchCriteriaId": "55D8F159-5A2D-4CB6-A7B9-7DCF8A9B82C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "F7E8AA7B-4E40-41B9-8940-95B5F00E11DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:linux:*:*:*:*:*",
              "matchCriteriaId": "C91A9870-C75D-4B49-B1F5-E9CF054D3CA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "B7C7E16D-AC11-4FC0-9534-799926E525EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:windows:*:*:*:*:*",
              "matchCriteriaId": "C1B953D1-0B8F-4C6F-8485-E5E942593015",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:aix:*:*:*:*:*",
              "matchCriteriaId": "2098CCDC-1F4B-44AC-976E-E31FED8AD976",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "87FFA2D9-8544-4B12-B02E-8B2198CB3621",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:linux:*:*:*:*:*",
              "matchCriteriaId": "BDDEF993-94F0-431F-AC23-86EE3089F61B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:solaris:*:*:*:*:*",
              "matchCriteriaId": "652E829C-0886-4FD6-9513-C1AD844E30AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:fp1:windows:*:*:*:*:*",
              "matchCriteriaId": "99A3B7D1-8467-4B9B-ACAC-2D265386F2D9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en el servidor en IBM DB2 v9.1 anterior  a FP6 y v9.5 anterior a FP3a permite a atacantes remotos causar denegaci\u00f3n de servicio (trampa) a trav\u00e9s de una secuencia de datos manipulada."
    }
  ],
  "id": "CVE-2009-0173",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-01-16T21:30:03.610",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33529"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1021591"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/33258"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2009/0137"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47934"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33529"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1021591"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33258"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0137"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47934"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2008-3960

Vulnerability from fkie_nvd - Published: 2008-09-11 01:13 - Updated: 2025-04-09 00:30

Severity ?

Summary

Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (service crash) via "malicious packets."

References

URL	Tags
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
cve@mitre.org	http://osvdb.org/48148
cve@mitre.org	http://secunia.com/advisories/31787	Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg21318189
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274
cve@mitre.org	http://www.securityfocus.com/bid/31058
cve@mitre.org	http://www.securitytracker.com/id?1020826
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/44984
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/48148
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31787	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg21318189
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/31058
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020826
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/44984

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	*
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2
ibm	db2_universal_database	8.2

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp16:*:*:*:*:*:*",
              "matchCriteriaId": "CD142750-345A-4494-AD18-6066ACE7FD6F",
              "versionEndIncluding": "8.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A1C6146-5EE5-4CD0-B6AC-3F41937C2FDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp1:*:*:*:*:*:*",
              "matchCriteriaId": "84FCC3B8-58C0-4739-A184-FE3D5171E6D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp10:*:*:*:*:*:*",
              "matchCriteriaId": "1261651A-8849-40A2-9E1C-E40F0033E6E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp11:*:*:*:*:*:*",
              "matchCriteriaId": "62B91891-59A3-4F3C-A0AB-196CCEA72643",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp12:*:*:*:*:*:*",
              "matchCriteriaId": "F4D3EC1B-B162-4FCC-B573-E45917F5D51A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp13:*:*:*:*:*:*",
              "matchCriteriaId": "770BC7B2-6539-4C38-B246-32997A0D932C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp14:*:*:*:*:*:*",
              "matchCriteriaId": "4381E4E3-1E56-45E7-BF66-001DA1CFE18B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp15:*:*:*:*:*:*",
              "matchCriteriaId": "F3FB2953-6048-4C98-AC6A-272DCF7BEC31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp2:*:*:*:*:*:*",
              "matchCriteriaId": "F0C9DEFD-F626-43B4-84E8-665CCED9BBEC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp3:*:*:*:*:*:*",
              "matchCriteriaId": "B4784B3C-FE9A-4D24-8C54-5733B775A36E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp4:*:*:*:*:*:*",
              "matchCriteriaId": "AE9F3357-AF23-4DE5-A026-862A08522137",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp5:*:*:*:*:*:*",
              "matchCriteriaId": "04D3F6B0-AF46-44F0-BA93-4154C84E23C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp6:*:*:*:*:*:*",
              "matchCriteriaId": "62FF3DAA-5693-438C-89EB-1DF6765DB66C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp7:*:*:*:*:*:*",
              "matchCriteriaId": "E7B0A924-F4E1-4F82-9FCC-12EDBC76867C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp8:*:*:*:*:*:*",
              "matchCriteriaId": "925077BB-0D08-4655-805E-F685DAE049F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.2:fp9:*:*:*:*:*:*",
              "matchCriteriaId": "A77736D2-8351-405D-88F7-14AE37AA1AA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (service crash) via \"malicious packets.\""
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad sin especificar en el JDBC Applet Server Service (tambi\u00e9n conocido como db2jds) en IBM DB2 UDB 8 anterior al fixpack 17, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de servicio) a trav\u00e9s de \"paquetes maliciosos\"."
    }
  ],
  "id": "CVE-2008-3960",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-09-11T01:13:47.570",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/48148"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31787"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21318189"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/31058"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020826"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44984"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/48148"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21318189"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/31058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020826"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44984"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2008-3858

Vulnerability from fkie_nvd - Published: 2008-08-28 17:41 - Updated: 2025-04-09 00:30

Severity ?

Summary

The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request.

References

URL	Tags
cve@mitre.org	http://osvdb.org/48428
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07299	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.securityfocus.com/bid/29601	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/45138
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/48428
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07299	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29601	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/45138

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1961E7E9-35A4-4721-A081-E08D88FC1F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "9446F75C-BE15-4DAE-9B96-E80F0EF24C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:windows:*:*:*:*:*",
              "matchCriteriaId": "CC92F759-749C-4E6A-83B3-C8ADB333054F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "45610195-E2DF-480B-898B-32EE8707D3E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:windows:*:*:*:*:*",
              "matchCriteriaId": "F1503B4A-3C40-45E4-9C2F-347CDF419752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "3F54309A-BA0E-447A-A115-DDBC20F6B2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "C518666C-29DE-45C0-A68D-74B5E2CEBBBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "C9C156A0-A869-4D16-955D-EC9A6696260C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:windows:*:*:*:*:*",
              "matchCriteriaId": "A3BD177C-6CF6-463D-8999-830DA1BF3E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:aix:*:*:*:*:*",
              "matchCriteriaId": "059C886A-FA0B-40DE-A573-A2B4BE7A14BD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request."
    },
    {
      "lang": "es",
      "value": "El componente Downlevel DB2RA Support en IBM DB2 9.1 antes de Fixpak 4a permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de instancia) mediante un flujo de datos CONNECT manipulado que simula una petici\u00f3n de conexi\u00f3n de cliente V7."
    }
  ],
  "id": "CVE-2008-3858",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-28T17:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/48428"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07299"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45138"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/48428"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07299"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45138"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2008-3855

Vulnerability from fkie_nvd - Published: 2008-08-28 17:41 - Updated: 2025-04-09 00:30

Severity ?

Summary

Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a "FILE CREATION VULNERABILITY." NOTE: this may be the same as CVE-2007-5664.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/30558	Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.securityfocus.com/bid/29601
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1769
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/42932
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30558	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29601
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1769
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/42932

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1961E7E9-35A4-4721-A081-E08D88FC1F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "9446F75C-BE15-4DAE-9B96-E80F0EF24C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:windows:*:*:*:*:*",
              "matchCriteriaId": "CC92F759-749C-4E6A-83B3-C8ADB333054F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "45610195-E2DF-480B-898B-32EE8707D3E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:windows:*:*:*:*:*",
              "matchCriteriaId": "F1503B4A-3C40-45E4-9C2F-347CDF419752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "3F54309A-BA0E-447A-A115-DDBC20F6B2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "C518666C-29DE-45C0-A68D-74B5E2CEBBBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "C9C156A0-A869-4D16-955D-EC9A6696260C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:windows:*:*:*:*:*",
              "matchCriteriaId": "A3BD177C-6CF6-463D-8999-830DA1BF3E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:aix:*:*:*:*:*",
              "matchCriteriaId": "059C886A-FA0B-40DE-A573-A2B4BE7A14BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "7D21AED3-42E7-4C07-8DD3-4DFCC40E1460",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "240239CD-9E05-46E0-A42C-13DB5EE8F436",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:solaris:*:*:*:*:*",
              "matchCriteriaId": "BE002DF4-F5FF-4505-8722-37ACCDB2EC11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:windows:*:*:*:*:*",
              "matchCriteriaId": "77828856-BFE6-4D31-90C1-CDB189BA95AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a \"FILE CREATION VULNERABILITY.\" NOTE: this may be the same as CVE-2007-5664."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad no especificada en DB2 Administration Server (DAS) en el componente de la funci\u00f3n Core DAS de IBM DB2 9.1 antes de Fixpak 5 permite a usuarios locales obtener privilegios, tambi\u00e9n conocido como \"VULNERABILIDAD DE CREACI\u00d3N DE ARCHIVO\". NOTA: esto podr\u00eda ser lo mismo que CVE-2007-5664."
    }
  ],
  "id": "CVE-2008-3855",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": true,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-28T17:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30558"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1769"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42932"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30558"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1769"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42932"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2008-3854

Vulnerability from fkie_nvd - Published: 2008-08-28 17:41 - Updated: 2025-04-09 00:30

Severity ?

Summary

Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/30558	Patch, Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.securityfocus.com/archive/1/496406/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/29601	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1769	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/42930
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/42935
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30558	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/496406/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29601	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1769	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/42930
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/42935

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1961E7E9-35A4-4721-A081-E08D88FC1F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "9446F75C-BE15-4DAE-9B96-E80F0EF24C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:windows:*:*:*:*:*",
              "matchCriteriaId": "CC92F759-749C-4E6A-83B3-C8ADB333054F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "45610195-E2DF-480B-898B-32EE8707D3E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:windows:*:*:*:*:*",
              "matchCriteriaId": "F1503B4A-3C40-45E4-9C2F-347CDF419752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "3F54309A-BA0E-447A-A115-DDBC20F6B2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "C518666C-29DE-45C0-A68D-74B5E2CEBBBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "C9C156A0-A869-4D16-955D-EC9A6696260C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:windows:*:*:*:*:*",
              "matchCriteriaId": "A3BD177C-6CF6-463D-8999-830DA1BF3E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:aix:*:*:*:*:*",
              "matchCriteriaId": "059C886A-FA0B-40DE-A573-A2B4BE7A14BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "7D21AED3-42E7-4C07-8DD3-4DFCC40E1460",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "240239CD-9E05-46E0-A42C-13DB5EE8F436",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:solaris:*:*:*:*:*",
              "matchCriteriaId": "BE002DF4-F5FF-4505-8722-37ACCDB2EC11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:windows:*:*:*:*:*",
              "matchCriteriaId": "77828856-BFE6-4D31-90C1-CDB189BA95AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:aix:*:*:*:*:*",
              "matchCriteriaId": "55D8F159-5A2D-4CB6-A7B9-7DCF8A9B82C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "F7E8AA7B-4E40-41B9-8940-95B5F00E11DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:linux:*:*:*:*:*",
              "matchCriteriaId": "C91A9870-C75D-4B49-B1F5-E9CF054D3CA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "B7C7E16D-AC11-4FC0-9534-799926E525EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:windows:*:*:*:*:*",
              "matchCriteriaId": "C1B953D1-0B8F-4C6F-8485-E5E942593015",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer en la regi\u00f3n stack de la memoria en DB2 de IBM versi\u00f3n 9.1 anterior a Fixpak 5 y versi\u00f3n 9.5 anterior a Fixpak 1, permite a atacantes remotos causar una denegaci\u00f3n de servicio (interrupci\u00f3n del sistema) por medio de vectores relacionados con (1) el uso de XQuery para emitir sentencias; las sentencias (2)  XMLQUERY, (3) XMLEXISTS y (4) XMLTABLE; y (5) la funci\u00f3n sqlrlaka."
    }
  ],
  "id": "CVE-2008-3854",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-28T17:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30558"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/496406/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1769"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42930"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42935"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30558"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/496406/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1769"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42930"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42935"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2008-3853

Vulnerability from fkie_nvd - Published: 2008-08-28 17:41 - Updated: 2025-04-09 00:30

Severity ?

Summary

Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676.

References

URL	Tags
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
cve@mitre.org	http://secunia.com/advisories/29784
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.securityfocus.com/bid/29601	Patch
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/45141
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29784
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29601	Patch
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/45141

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1961E7E9-35A4-4721-A081-E08D88FC1F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "45610195-E2DF-480B-898B-32EE8707D3E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "3F54309A-BA0E-447A-A115-DDBC20F6B2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "C518666C-29DE-45C0-A68D-74B5E2CEBBBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "C9C156A0-A869-4D16-955D-EC9A6696260C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de b\u00fafer en el programa DAS server en el componente de la funci\u00f3n Core DAS en IBM DB2 9.1 antes del Fixpak 4a permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (ca\u00edda del demonio) mediante vectores no especificados. NOTA: esto podr\u00eda estar relacionado con CVE-2008-0698."
    }
  ],
  "id": "CVE-2008-3853",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-28T17:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/29784"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45141"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/29784"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45141"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2008-3857

Vulnerability from fkie_nvd - Published: 2008-08-28 17:41 - Updated: 2025-04-09 00:30

Severity ?

Summary

The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 retains a cleartext password in memory after the database connection that sent the password is fully established, which might allow local users to obtain sensitive information by reading a memory dump.

References

URL	Tags
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1JR27422
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.securityfocus.com/bid/29601
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1769
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/45139
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1JR27422
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29601
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1769
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/45139

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1961E7E9-35A4-4721-A081-E08D88FC1F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "9446F75C-BE15-4DAE-9B96-E80F0EF24C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:windows:*:*:*:*:*",
              "matchCriteriaId": "CC92F759-749C-4E6A-83B3-C8ADB333054F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "45610195-E2DF-480B-898B-32EE8707D3E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:windows:*:*:*:*:*",
              "matchCriteriaId": "F1503B4A-3C40-45E4-9C2F-347CDF419752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "C9C156A0-A869-4D16-955D-EC9A6696260C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:windows:*:*:*:*:*",
              "matchCriteriaId": "A3BD177C-6CF6-463D-8999-830DA1BF3E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:aix:*:*:*:*:*",
              "matchCriteriaId": "059C886A-FA0B-40DE-A573-A2B4BE7A14BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "7D21AED3-42E7-4C07-8DD3-4DFCC40E1460",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "240239CD-9E05-46E0-A42C-13DB5EE8F436",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:solaris:*:*:*:*:*",
              "matchCriteriaId": "BE002DF4-F5FF-4505-8722-37ACCDB2EC11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:windows:*:*:*:*:*",
              "matchCriteriaId": "77828856-BFE6-4D31-90C1-CDB189BA95AD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 retains a cleartext password in memory after the database connection that sent the password is fully established, which might allow local users to obtain sensitive information by reading a memory dump."
    },
    {
      "lang": "es",
      "value": "El componente Base Service Utilities en IBM DB2 9.1 antes de Fixpak 5 conserva una contrase\u00f1a en texto claro en memoria despu\u00e9s de que la conexi\u00f3n a la base de datos que env\u00eda la contrase\u00f1a est\u00e1 totalmente establecida, lo que podr\u00eda permitir a usuarios locales obtener informaci\u00f3n sensible leyendo una descarga de memoria."
    }
  ],
  "id": "CVE-2008-3857",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-28T17:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR27422"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1769"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45139"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR27422"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1769"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45139"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2008-3856

Vulnerability from fkie_nvd - Published: 2008-08-28 17:41 - Updated: 2025-04-09 00:30

Severity ?

Summary

The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors.

References

URL	Tags
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
cve@mitre.org	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
cve@mitre.org	http://secunia.com/advisories/29784	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/31787	Vendor Advisory
cve@mitre.org	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352	Patch
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
cve@mitre.org	http://www.securityfocus.com/bid/29601	Patch
cve@mitre.org	http://www.securityfocus.com/bid/31058
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/45140
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29784	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31787	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29601	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/31058
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/45140

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	8.0
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp16:aix:*:*:*:*:*",
              "matchCriteriaId": "177EB7BB-7987-4E33-8020-2A8D9A6157CD",
              "versionEndIncluding": "8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp16:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "A602F842-9133-48F0-A46A-CC297A0CA478",
              "versionEndIncluding": "8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp16:linux:*:*:*:*:*",
              "matchCriteriaId": "6053CF9A-AF05-4EE2-832D-75CFFDD6A035",
              "versionEndIncluding": "8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp16:solaris:*:*:*:*:*",
              "matchCriteriaId": "9619C4A9-0834-4BC6-BDE6-9CD0636032F3",
              "versionEndIncluding": "8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:aix:*:*:*:*:*",
              "matchCriteriaId": "331365ED-6901-41B1-8CAB-BD4924348983",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "2973E5EC-D98D-4229-82DE-38D2B2B10FE3",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "FCBE6932-DF7C-4A07-94AE-A1B962A26201",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:solaris:*:*:*:*:*",
              "matchCriteriaId": "A1C99EB8-D889-4322-AEBD-941575E26B66",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp1:aix:*:*:*:*:*",
              "matchCriteriaId": "E9D53A45-A270-47A6-8E52-4EFD20B60454",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp1:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1DC0FD0B-BB91-4881-8BEF-2FF5DEE799FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp1:linux:*:*:*:*:*",
              "matchCriteriaId": "C4D89C55-70BA-4DEB-A3CB-93F1F01BBB8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp10:aix:*:*:*:*:*",
              "matchCriteriaId": "F805BA54-A413-46EC-A1C0-EEE5A8FB3C5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp10:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "DAA10457-D52B-4AE5-8635-E072B5E25662",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp10:linux:*:*:*:*:*",
              "matchCriteriaId": "F9EF7B04-D200-4648-AD26-D78BD8B032FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp10:solaris:*:*:*:*:*",
              "matchCriteriaId": "EB3DA89D-B79A-4B02-A287-C505D1FE8004",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp11:aix:*:*:*:*:*",
              "matchCriteriaId": "D52430A4-018F-4342-A1F5-4093CBBCFFED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp11:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "7A1C82E1-F8EF-40CD-ACDD-081FFC268FBE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp11:linux:*:*:*:*:*",
              "matchCriteriaId": "C1B22E99-C013-49B3-BE3E-DB9DB685CA03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp11:solaris:*:*:*:*:*",
              "matchCriteriaId": "9173E3FB-1DA9-4DD8-A08F-8A730BEB27B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp12:aix:*:*:*:*:*",
              "matchCriteriaId": "58D0932B-A52A-48BB-ADFB-AEB17FCF69E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp12:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "F63AA153-396F-43AC-8CB0-8E27F119FF5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp12:linux:*:*:*:*:*",
              "matchCriteriaId": "7C132382-0C33-4E9B-878B-2C626D34DB10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp12:solaris:*:*:*:*:*",
              "matchCriteriaId": "C1C093DF-FCD2-47FC-8C8E-1468A5FA06B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp13:aix:*:*:*:*:*",
              "matchCriteriaId": "27E209D3-741C-4BD6-AE5A-A52C0C0EAEA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp13:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "AA4A6254-B6BB-42DB-9E2F-7AA960AD8C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp13:linux:*:*:*:*:*",
              "matchCriteriaId": "BEBC3282-413E-4A0C-BDEA-B5671BF51F71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp13:solaris:*:*:*:*:*",
              "matchCriteriaId": "45802AC3-78BB-4190-AB93-B67F586B94C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp14:aix:*:*:*:*:*",
              "matchCriteriaId": "99270F25-D30F-4120-9FA2-35C39CEEC8B6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp14:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "BDD49D30-7ACF-4A33-B92D-C66BE9929BE0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp14:linux:*:*:*:*:*",
              "matchCriteriaId": "3664CEE2-0449-452B-A934-170F0349A57C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp14:solaris:*:*:*:*:*",
              "matchCriteriaId": "4A9A7663-3322-45A9-A5D8-E0970336F68D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp15:aix:*:*:*:*:*",
              "matchCriteriaId": "D6B6EAB4-5A66-4BEB-B38B-DA0124DD6F57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp15:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "9BC307F3-A9A0-4C48-8983-64B1B237AAF2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp15:linux:*:*:*:*:*",
              "matchCriteriaId": "44C9C5AF-26E2-4C0F-9816-0CF3EE02A838",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp15:solaris:*:*:*:*:*",
              "matchCriteriaId": "68018945-8F40-436E-9981-4C3B62EAD28E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "A24425DA-1FAC-43BC-86F3-1E561277AF52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp2:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "23BB5DCC-CC6E-4118-B0D4-DEE6EA54D05A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "E6097C8C-41B1-4CC8-AAD3-3731D103093B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "1DF33116-6CB4-48B2-BF23-632F185EB7CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "6A3A0A74-100A-4B37-8D45-3F59FE403D63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp3:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "741D3457-DA96-4AF1-A036-7FAF640C8D27",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "D55F0E1F-2905-4ABC-9A9B-FF62299F679D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "12EB2606-33BE-4253-94B7-43E76F0BB430",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "55E1A553-1786-489D-9BE2-60D7348FD8F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "E8C502A3-56DA-4104-BCAC-3E5D454D49F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "F98FA787-A7E7-45BA-A3DC-F25C2FC74A10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "2C8DA7D4-0375-412A-9DDF-E31D6D1CD5C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4a:aix:*:*:*:*:*",
              "matchCriteriaId": "58F68270-C74E-415E-A8C1-3FE5940B8DD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "F677E182-A145-42D0-8580-8467279938CF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "D02E2CF9-CE08-4B0B-ADD5-1A9AE7DE8B62",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp4a:solaris:*:*:*:*:*",
              "matchCriteriaId": "AB99106D-14C9-4E95-92BA-0DDF1EF48B29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp5:aix:*:*:*:*:*",
              "matchCriteriaId": "36A0742E-E958-4328-B9A8-2D4BA883926F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp5:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "13FE19E6-67FD-450F-9129-8DCF4707C0BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp5:linux:*:*:*:*:*",
              "matchCriteriaId": "8A8E27E2-4470-40B6-BE35-3B96D375D891",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp5:solaris:*:*:*:*:*",
              "matchCriteriaId": "045B87AF-476D-4A13-88E4-C0ADF8F1374D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6:aix:*:*:*:*:*",
              "matchCriteriaId": "16E17C4B-C233-4C27-90DF-34802571EFBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "B2C32CFE-2C37-44B4-B05F-B4B41ADEEB17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6:linux:*:*:*:*:*",
              "matchCriteriaId": "A32039C1-C940-4ACC-8236-6C48286CD8EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6:solaris:*:*:*:*:*",
              "matchCriteriaId": "9E792924-8741-42EA-B091-521A8D806393",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6a:aix:*:*:*:*:*",
              "matchCriteriaId": "1BCDD273-AA59-427A-A13C-21D2D18862C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "63FB9C7D-72AB-40B8-B9A0-107707AB970D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6a:linux:*:*:*:*:*",
              "matchCriteriaId": "BFDEB3C4-261D-4A44-898F-0972C4E0BADD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6a:solaris:*:*:*:*:*",
              "matchCriteriaId": "711D578D-53FA-4FE3-87D4-49E8A6B27645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6b:aix:*:*:*:*:*",
              "matchCriteriaId": "8AC7F72B-8BC0-4186-9EA7-B1B4CF4DE029",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6b:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "492DF384-0687-409F-A416-D545E3CA4B1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6b:linux:*:*:*:*:*",
              "matchCriteriaId": "A1ACA5ED-C596-48A4-A60F-AF29457D8E55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6b:solaris:*:*:*:*:*",
              "matchCriteriaId": "17C07869-F96F-409A-A5A8-DAEF37513442",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6c:aix:*:*:*:*:*",
              "matchCriteriaId": "0A7DFEC9-AF38-457A-A4E6-77EFFDEC6E8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6c:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "BEF40CF8-4858-4AD2-9136-B9E7742609E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6c:linux:*:*:*:*:*",
              "matchCriteriaId": "02AEA3AF-76F2-479E-97FF-259228157219",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp6c:solaris:*:*:*:*:*",
              "matchCriteriaId": "D9C4CF66-D4BA-4C00-8891-BEEB0DD665A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7:aix:*:*:*:*:*",
              "matchCriteriaId": "28589727-AE9E-4181-8B41-46192B593E98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "F458C66B-ACE1-4315-A8CC-4CEFAD41028D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7:linux:*:*:*:*:*",
              "matchCriteriaId": "83642434-B93C-450B-99EA-270008B4E37D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7:solaris:*:*:*:*:*",
              "matchCriteriaId": "F2AD8AC6-239A-4CFE-9D9E-8A841A867725",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7a:aix:*:*:*:*:*",
              "matchCriteriaId": "5187C464-0B04-4D29-8700-F4D9359F0564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "9A1A163A-AA78-48E1-9C86-C8A1A1A29929",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7a:linux:*:*:*:*:*",
              "matchCriteriaId": "20AC001E-4C76-42CB-A8BC-790BD0C39F98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7a:solaris:*:*:*:*:*",
              "matchCriteriaId": "4B4F776B-5914-4BDE-9C2F-84E3795FA788",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7b:aix:*:*:*:*:*",
              "matchCriteriaId": "11D13957-FDE1-4B00-8753-BA94C0DAA249",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7b:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "C18FB58D-6EC6-4CDD-912B-18A17F7E957B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7b:linux:*:*:*:*:*",
              "matchCriteriaId": "2045E0EA-B405-4BF0-A817-34E79317F46F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp7b:solaris:*:*:*:*:*",
              "matchCriteriaId": "4541F041-F2F4-4491-BDBE-4215A75E832C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8:aix:*:*:*:*:*",
              "matchCriteriaId": "2F7D3287-9D4C-4AA7-8232-3543369397CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "BA5B0AA2-E067-4FFF-ADE1-145D8A1C1B9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8:linux:*:*:*:*:*",
              "matchCriteriaId": "0C35EA9D-DEFE-4B81-B5C9-51103273F661",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8:solaris:*:*:*:*:*",
              "matchCriteriaId": "C92BCF46-BEBF-433C-A095-44E6F7A16E3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8a:aix:*:*:*:*:*",
              "matchCriteriaId": "308D7247-F21E-4199-BA14-FE318637F3C9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "84E99600-0016-4FD9-BFC9-D2CD913012BB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8a:linux:*:*:*:*:*",
              "matchCriteriaId": "0CBA4D6B-4C07-4780-8760-00F82D0016E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp8a:solaris:*:*:*:*:*",
              "matchCriteriaId": "332C4CED-4E32-48C6-BF91-43409E0C7D8D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9:aix:*:*:*:*:*",
              "matchCriteriaId": "1F5AD43F-1D06-447F-8B66-89207DE3AECA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "CEC1C774-2AD9-4EBA-AB11-70135F20D006",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9:linux:*:*:*:*:*",
              "matchCriteriaId": "5CE1E38B-FEA7-45CE-A50E-A4670AB925EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9:solaris:*:*:*:*:*",
              "matchCriteriaId": "BDC3F77B-9C7C-4D56-B575-FFFF0AD51E3F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9a:aix:*:*:*:*:*",
              "matchCriteriaId": "F9D03647-B68E-4950-A718-7E83135A8BE8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9a:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "27F207B6-B5E8-4972-B315-106F4903B8B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9a:linux:*:*:*:*:*",
              "matchCriteriaId": "C934F5CD-7E30-497E-9DD8-BB92646B81E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8:fp9a:solaris:*:*:*:*:*",
              "matchCriteriaId": "43D68C54-E197-43AD-94CF-AA2CF1B2D76C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:aix:*:*:*:*:*",
              "matchCriteriaId": "95E13DED-D8B2-4895-8540-B0C59CB6E672",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "628141AA-1E3C-4243-BA8F-14144ABCB980",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:linux:*:*:*:*:*",
              "matchCriteriaId": "6F180189-FA62-453A-B6F8-134FE12805EE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:8.0:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "0656D0A4-E09E-4C5E-9270-931433598B7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp_ux:*:*:*:*:*",
              "matchCriteriaId": "1961E7E9-35A4-4721-A081-E08D88FC1F42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "45610195-E2DF-480B-898B-32EE8707D3E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "3F54309A-BA0E-447A-A115-DDBC20F6B2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "C518666C-29DE-45C0-A68D-74B5E2CEBBBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "C9C156A0-A869-4D16-955D-EC9A6696260C",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors."
    },
    {
      "lang": "es",
      "value": "El componente routine infrastructure en DB2 de IBM versi\u00f3n 8 anterior a FP17, versi\u00f3n 9.1 anterior a FP5 y versi\u00f3n 9.5 anterior a FP1, en Unix y Linux,  no cambia la propiedad del proceso db2fmp, que presenta un impacto y vectores de ataque desconocidos."
    }
  ],
  "id": "CVE-2008-3856",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-28T17:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29784"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31787"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/31058"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29784"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31787"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/31058"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45140"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

FKIE_CVE-2008-3852

Vulnerability from fkie_nvd - Published: 2008-08-28 17:41 - Updated: 2025-04-09 00:30

Severity ?

Summary

Unspecified vulnerability in the CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio in the Visual Studio Net component in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 2 allows remote authenticated users to execute arbitrary code via unknown vectors.

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/30558	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/31635	Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1JR28431	Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg1JR28432	Vendor Advisory
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
cve@mitre.org	http://www-1.ibm.com/support/docview.wss?uid=swg21293566
cve@mitre.org	http://www.securityfocus.com/archive/1/496405/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/29601
cve@mitre.org	http://www.securitytracker.com/id?1020761
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1769	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2008/2445	Vendor Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/42927
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/44697
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/30558	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/31635	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1JR28431	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg1JR28432	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21255607
af854a3a-2127-422b-91ae-364da2661108	http://www-1.ibm.com/support/docview.wss?uid=swg21293566
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/496405/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/29601
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1020761
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1769	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/2445	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/42927
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/44697

Impacted products

Vendor	Product	Version
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	*
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.1
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5
ibm	db2_universal_database	9.5

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:aix:*:*:*:*:*",
              "matchCriteriaId": "331365ED-6901-41B1-8CAB-BD4924348983",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "2973E5EC-D98D-4229-82DE-38D2B2B10FE3",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:linux:*:*:*:*:*",
              "matchCriteriaId": "FCBE6932-DF7C-4A07-94AE-A1B962A26201",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:solaris:*:*:*:*:*",
              "matchCriteriaId": "A1C99EB8-D889-4322-AEBD-941575E26B66",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp4a:windows:*:*:*:*:*",
              "matchCriteriaId": "20167E27-8448-4747-90CA-112BF36664EC",
              "versionEndIncluding": "9.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp1:aix:*:*:*:*:*",
              "matchCriteriaId": "F1FC5B15-E438-444B-9CB7-8B33DE42AA10",
              "versionEndIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp1:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "08DC6612-16D7-4EEE-8010-E69E2ADBC816",
              "versionEndIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp1:linux:*:*:*:*:*",
              "matchCriteriaId": "0F5E070A-9B0C-43C7-ADF4-5C2A12E77E99",
              "versionEndIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp1:solaris:*:*:*:*:*",
              "matchCriteriaId": "3F0DC286-6602-457A-A150-453A8F15F722",
              "versionEndIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:*:fp1:windows:*:*:*:*:*",
              "matchCriteriaId": "C19FCA98-00D1-4529-B07C-CF07E9F2EB12",
              "versionEndIncluding": "9.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*",
              "matchCriteriaId": "0D925911-6225-4B31-9C19-EF40360A9FB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "A96437C6-D2C6-46BC-BC2D-078F6131E8E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*",
              "matchCriteriaId": "806CC0EE-9779-4676-A1FB-13878BAE42F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "C31FA827-1D6D-471A-8246-D39AF6AD0F83",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "9446F75C-BE15-4DAE-9B96-E80F0EF24C0A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*",
              "matchCriteriaId": "640F9988-7F33-4440-AB63-2743237BF2B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "C6F52E0B-24A2-4942-9256-ADBBEE3C1BE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*",
              "matchCriteriaId": "627E56A7-98F1-4A94-9F76-4C6A9365616B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*",
              "matchCriteriaId": "9DBCE5C1-CE78-4DEA-A6E7-35B2525052E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:windows:*:*:*:*:*",
              "matchCriteriaId": "CC92F759-749C-4E6A-83B3-C8ADB333054F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*",
              "matchCriteriaId": "30FD4DEA-CB8C-4E90-BE9E-B5C6225371A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "24FE6316-E7FB-474B-B61B-38F72D6EE632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:linux:*:*:*:*:*",
              "matchCriteriaId": "45610195-E2DF-480B-898B-32EE8707D3E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*",
              "matchCriteriaId": "D16FC5E6-87A6-4594-8E1F-8DEBA7A7326B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:windows:*:*:*:*:*",
              "matchCriteriaId": "F1503B4A-3C40-45E4-9C2F-347CDF419752",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*",
              "matchCriteriaId": "3F54309A-BA0E-447A-A115-DDBC20F6B2FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "55F55D9D-3016-4AB1-84B3-20FEE3CD0A98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*",
              "matchCriteriaId": "C518666C-29DE-45C0-A68D-74B5E2CEBBBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:solaris:*:*:*:*:*",
              "matchCriteriaId": "C9C156A0-A869-4D16-955D-EC9A6696260C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:windows:*:*:*:*:*",
              "matchCriteriaId": "A3BD177C-6CF6-463D-8999-830DA1BF3E38",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:aix:*:*:*:*:*",
              "matchCriteriaId": "55D8F159-5A2D-4CB6-A7B9-7DCF8A9B82C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:hp-ux:*:*:*:*:*",
              "matchCriteriaId": "F7E8AA7B-4E40-41B9-8940-95B5F00E11DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:linux:*:*:*:*:*",
              "matchCriteriaId": "C91A9870-C75D-4B49-B1F5-E9CF054D3CA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:solaris:*:*:*:*:*",
              "matchCriteriaId": "B7C7E16D-AC11-4FC0-9534-799926E525EB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ibm:db2_universal_database:9.5:*:windows:*:*:*:*:*",
              "matchCriteriaId": "C1B953D1-0B8F-4C6F-8485-E5E942593015",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in the CLR stored procedure deployment from IBM Database Add-Ins for Visual Studio in the Visual Studio Net component in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 2 allows remote authenticated users to execute arbitrary code via unknown vectors."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad no especificada en la implementaci\u00f3n del procedimiento almacenado CLR de Database Add-Ins de IBM para Visual Studio en el componente Visual Studio Net en DB2 de IBM versi\u00f3n 9.1 anterior a Fixpak 5 y versi\u00f3n 9.5 anterior a Fixpak 2,  permite a los usuarios autenticados remotos ejecutar c\u00f3digo arbitrario por medio de vectores desconocidos."
    }
  ],
  "id": "CVE-2008-3852",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": true,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-08-28T17:41:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30558"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31635"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28431"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28432"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21293566"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/496405/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1020761"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1769"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2445"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42927"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44697"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/30558"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/31635"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28431"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR28432"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21293566"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/496405/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/29601"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020761"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/1769"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/2445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42927"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44697"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        },
        {
          "lang": "en",
          "value": "NVD-CWE-noinfo"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2010-3739 (GCVE-0-2010-3739)

Vulnerability from cvelistv5 – Published: 2010-10-05 17:00 – Updated: 2024-09-16 17:14

Summary

The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	ftp://public.dhe.ibm.com/ps/products/db2/fixes/en…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:18:53.198Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "JR34218",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-10-05T17:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "JR34218",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-3739",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JR34218",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218"
            },
            {
              "name": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-3739",
    "datePublished": "2010-10-05T17:00:00Z",
    "dateReserved": "2010-10-05T00:00:00Z",
    "dateUpdated": "2024-09-16T17:14:29.509Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-4150 (GCVE-0-2009-4150)

Vulnerability from cvelistv5 – Published: 2009-12-02 11:00 – Updated: 2024-09-16 23:35

Summary

dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://secunia.com/advisories/36890	third-party-advisoryx_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM
	http://securitytracker.com/id?1023242	vdb-entryx_refsource_SECTRACK
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://www.vupen.com/english/advisories/2009/3340	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/37454	third-party-advisoryx_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:54:09.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IZ40343",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343"
          },
          {
            "name": "IC64759",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759"
          },
          {
            "name": "36890",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36890"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403619"
          },
          {
            "name": "1023242",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023242"
          },
          {
            "name": "IZ40340",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340"
          },
          {
            "name": "ADV-2009-3340",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3340"
          },
          {
            "name": "37454",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37454"
          },
          {
            "name": "IZ40352",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21386689"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-12-02T11:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "IZ40343",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343"
        },
        {
          "name": "IC64759",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759"
        },
        {
          "name": "36890",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36890"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403619"
        },
        {
          "name": "1023242",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023242"
        },
        {
          "name": "IZ40340",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340"
        },
        {
          "name": "ADV-2009-3340",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3340"
        },
        {
          "name": "37454",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37454"
        },
        {
          "name": "IZ40352",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21386689"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4150",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IZ40343",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343"
            },
            {
              "name": "IC64759",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759"
            },
            {
              "name": "36890",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36890"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21403619",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403619"
            },
            {
              "name": "1023242",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023242"
            },
            {
              "name": "IZ40340",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340"
            },
            {
              "name": "ADV-2009-3340",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/3340"
            },
            {
              "name": "37454",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37454"
            },
            {
              "name": "IZ40352",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21386689",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21386689"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-4150",
    "datePublished": "2009-12-02T11:00:00Z",
    "dateReserved": "2009-12-02T00:00:00Z",
    "dateUpdated": "2024-09-16T23:35:40.423Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0173 (GCVE-0-2009-0173)

Vulnerability from cvelistv5 – Published: 2009-01-16 21:00 – Updated: 2024-08-07 04:24

Summary

Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	http://securitytracker.com/id?1021591	vdb-entryx_refsource_SECTRACK
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	http://secunia.com/advisories/33529	third-party-advisoryx_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/0137	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/33258	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:24:17.975Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
          },
          {
            "name": "1021591",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021591"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
          },
          {
            "name": "IZ39652",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652"
          },
          {
            "name": "IZ39373",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
          },
          {
            "name": "ibm-db2-datastream-dos(47934)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47934"
          },
          {
            "name": "IZ39653",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653"
          },
          {
            "name": "33529",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33529"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
          },
          {
            "name": "ADV-2009-0137",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0137"
          },
          {
            "name": "33258",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33258"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
        },
        {
          "name": "1021591",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021591"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
        },
        {
          "name": "IZ39652",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652"
        },
        {
          "name": "IZ39373",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
        },
        {
          "name": "ibm-db2-datastream-dos(47934)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47934"
        },
        {
          "name": "IZ39653",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653"
        },
        {
          "name": "33529",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33529"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
        },
        {
          "name": "ADV-2009-0137",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0137"
        },
        {
          "name": "33258",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33258"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0173",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
            },
            {
              "name": "1021591",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021591"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
            },
            {
              "name": "IZ39652",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652"
            },
            {
              "name": "IZ39373",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
            },
            {
              "name": "ibm-db2-datastream-dos(47934)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47934"
            },
            {
              "name": "IZ39653",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653"
            },
            {
              "name": "33529",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33529"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
            },
            {
              "name": "ADV-2009-0137",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0137"
            },
            {
              "name": "33258",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33258"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0173",
    "datePublished": "2009-01-16T21:00:00",
    "dateReserved": "2009-01-16T00:00:00",
    "dateUpdated": "2024-08-07T04:24:17.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0172 (GCVE-0-2009-0172)

Vulnerability from cvelistv5 – Published: 2009-01-16 21:00 – Updated: 2024-08-07 04:24

Summary

Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	http://securitytracker.com/id?1021591	vdb-entryx_refsource_SECTRACK
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://secunia.com/advisories/33529	third-party-advisoryx_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/0137	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/33258	vdb-entryx_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:24:18.155Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
          },
          {
            "name": "IZ36534",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534"
          },
          {
            "name": "1021591",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021591"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
          },
          {
            "name": "IZ37696",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696"
          },
          {
            "name": "33529",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33529"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
          },
          {
            "name": "ADV-2009-0137",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0137"
          },
          {
            "name": "33258",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33258"
          },
          {
            "name": "IZ37697",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697"
          },
          {
            "name": "ibm-db2-connect-stream-dos(47931)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47931"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
        },
        {
          "name": "IZ36534",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534"
        },
        {
          "name": "1021591",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021591"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
        },
        {
          "name": "IZ37696",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696"
        },
        {
          "name": "33529",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33529"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
        },
        {
          "name": "ADV-2009-0137",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0137"
        },
        {
          "name": "33258",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33258"
        },
        {
          "name": "IZ37697",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697"
        },
        {
          "name": "ibm-db2-connect-stream-dos(47931)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47931"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0172",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
            },
            {
              "name": "IZ36534",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534"
            },
            {
              "name": "1021591",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021591"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
            },
            {
              "name": "IZ37696",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696"
            },
            {
              "name": "33529",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33529"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
            },
            {
              "name": "ADV-2009-0137",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0137"
            },
            {
              "name": "33258",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33258"
            },
            {
              "name": "IZ37697",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697"
            },
            {
              "name": "ibm-db2-connect-stream-dos(47931)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47931"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0172",
    "datePublished": "2009-01-16T21:00:00",
    "dateReserved": "2009-01-16T00:00:00",
    "dateUpdated": "2024-08-07T04:24:18.155Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-3960 (GCVE-0-2008-3960)

Vulnerability from cvelistv5 – Published: 2008-09-09 14:00 – Updated: 2024-08-07 10:00

Summary

Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (service crash) via "malicious packets."

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/31058	vdb-entryx_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securitytracker.com/id?1020826	vdb-entryx_refsource_SECTRACK
	http://osvdb.org/48148	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/31787	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:00:41.931Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
          },
          {
            "name": "31058",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31058"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21318189"
          },
          {
            "name": "JR29274",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274"
          },
          {
            "name": "db2-db2jds-dos(44984)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44984"
          },
          {
            "name": "1020826",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020826"
          },
          {
            "name": "48148",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/48148"
          },
          {
            "name": "31787",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31787"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-09-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (service crash) via \"malicious packets.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
        },
        {
          "name": "31058",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31058"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21318189"
        },
        {
          "name": "JR29274",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274"
        },
        {
          "name": "db2-db2jds-dos(44984)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44984"
        },
        {
          "name": "1020826",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020826"
        },
        {
          "name": "48148",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/48148"
        },
        {
          "name": "31787",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31787"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3960",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (service crash) via \"malicious packets.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
            },
            {
              "name": "31058",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31058"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21318189",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21318189"
            },
            {
              "name": "JR29274",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274"
            },
            {
              "name": "db2-db2jds-dos(44984)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44984"
            },
            {
              "name": "1020826",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020826"
            },
            {
              "name": "48148",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/48148"
            },
            {
              "name": "31787",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31787"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3960",
    "datePublished": "2008-09-09T14:00:00",
    "dateReserved": "2008-09-09T00:00:00",
    "dateUpdated": "2024-08-07T10:00:41.931Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-3853 (GCVE-0-2008-3853)

Vulnerability from cvelistv5 – Published: 2008-08-28 17:00 – Updated: 2024-08-07 09:53

Summary

Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www-1.ibm.com/support/docview.wss?uid=swg2…	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/29601	vdb-entryx_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://secunia.com/advisories/29784	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "IZ12379",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379"
          },
          {
            "name": "ibm-db2-das-bo(45141)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45141"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
          },
          {
            "name": "29601",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29601"
          },
          {
            "name": "IZ12406",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406"
          },
          {
            "name": "29784",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29784"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "IZ12379",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379"
        },
        {
          "name": "ibm-db2-das-bo(45141)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45141"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
        },
        {
          "name": "29601",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29601"
        },
        {
          "name": "IZ12406",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406"
        },
        {
          "name": "29784",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29784"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3853",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "IZ12379",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379"
            },
            {
              "name": "ibm-db2-das-bo(45141)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45141"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
            },
            {
              "name": "29601",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29601"
            },
            {
              "name": "IZ12406",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406"
            },
            {
              "name": "29784",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29784"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3853",
    "datePublished": "2008-08-28T17:00:00",
    "dateReserved": "2008-08-28T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.420Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-3855 (GCVE-0-2008-3855)

Vulnerability from cvelistv5 – Published: 2008-08-28 17:00 – Updated: 2024-08-07 09:53

Summary

Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a "FILE CREATION VULNERABILITY." NOTE: this may be the same as CVE-2007-5664.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www-1.ibm.com/support/docview.wss?uid=swg2…	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	http://www.vupen.com/english/advisories/2008/1769	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/29601	vdb-entryx_refsource_BID
	http://secunia.com/advisories/30558	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.634Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "ibm-db2-adminserver-privilege-escalation(42932)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42932"
          },
          {
            "name": "IZ12735",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735"
          },
          {
            "name": "ADV-2008-1769",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1769"
          },
          {
            "name": "29601",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29601"
          },
          {
            "name": "30558",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30558"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a \"FILE CREATION VULNERABILITY.\" NOTE: this may be the same as CVE-2007-5664."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "ibm-db2-adminserver-privilege-escalation(42932)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42932"
        },
        {
          "name": "IZ12735",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735"
        },
        {
          "name": "ADV-2008-1769",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1769"
        },
        {
          "name": "29601",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29601"
        },
        {
          "name": "30558",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30558"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3855",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a \"FILE CREATION VULNERABILITY.\" NOTE: this may be the same as CVE-2007-5664."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "ibm-db2-adminserver-privilege-escalation(42932)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42932"
            },
            {
              "name": "IZ12735",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735"
            },
            {
              "name": "ADV-2008-1769",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1769"
            },
            {
              "name": "29601",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29601"
            },
            {
              "name": "30558",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30558"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3855",
    "datePublished": "2008-08-28T17:00:00",
    "dateReserved": "2008-08-28T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.634Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-3854 (GCVE-0-2008-3854)

Vulnerability from cvelistv5 – Published: 2008-08-28 17:00 – Updated: 2024-08-07 09:53

Summary

Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www-1.ibm.com/support/docview.wss?uid=swg2…	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/archive/1/496406/100…	mailing-listx_refsource_BUGTRAQ
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	http://www.vupen.com/english/advisories/2008/1769	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/29601	vdb-entryx_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	http://secunia.com/advisories/30558	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.407Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "ibm-db2-multiple-bo(42935)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42935"
          },
          {
            "name": "20080916 Team SHATTER Security Advisory: IBM DB2 UDB - Buffer overrun in XMLQUERY and XMLEXISTS",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/496406/100/0/threaded"
          },
          {
            "name": "IZ18431",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431"
          },
          {
            "name": "ADV-2008-1769",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1769"
          },
          {
            "name": "29601",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29601"
          },
          {
            "name": "IZ18434",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434"
          },
          {
            "name": "ibm-db2-sqlrlaka-bo(42930)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42930"
          },
          {
            "name": "IZ16346",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346"
          },
          {
            "name": "30558",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30558"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "ibm-db2-multiple-bo(42935)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42935"
        },
        {
          "name": "20080916 Team SHATTER Security Advisory: IBM DB2 UDB - Buffer overrun in XMLQUERY and XMLEXISTS",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/496406/100/0/threaded"
        },
        {
          "name": "IZ18431",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431"
        },
        {
          "name": "ADV-2008-1769",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1769"
        },
        {
          "name": "29601",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29601"
        },
        {
          "name": "IZ18434",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434"
        },
        {
          "name": "ibm-db2-sqlrlaka-bo(42930)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42930"
        },
        {
          "name": "IZ16346",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346"
        },
        {
          "name": "30558",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30558"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3854",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "ibm-db2-multiple-bo(42935)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42935"
            },
            {
              "name": "20080916 Team SHATTER Security Advisory: IBM DB2 UDB - Buffer overrun in XMLQUERY and XMLEXISTS",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/496406/100/0/threaded"
            },
            {
              "name": "IZ18431",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431"
            },
            {
              "name": "ADV-2008-1769",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1769"
            },
            {
              "name": "29601",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29601"
            },
            {
              "name": "IZ18434",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434"
            },
            {
              "name": "ibm-db2-sqlrlaka-bo(42930)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42930"
            },
            {
              "name": "IZ16346",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346"
            },
            {
              "name": "30558",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30558"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3854",
    "datePublished": "2008-08-28T17:00:00",
    "dateReserved": "2008-08-28T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.407Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-3856 (GCVE-0-2008-3856)

Vulnerability from cvelistv5 – Published: 2008-08-28 17:00 – Updated: 2024-08-07 09:53

Summary

The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/31058	vdb-entryx_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg2…	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/29601	vdb-entryx_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	http://secunia.com/advisories/31787	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/29784	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.414Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
          },
          {
            "name": "31058",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31058"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "IZ20352",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352"
          },
          {
            "name": "ibm-db2-infrastructure-unspecified(45140)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45140"
          },
          {
            "name": "IZ19155",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
          },
          {
            "name": "29601",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29601"
          },
          {
            "name": "IZ20350",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350"
          },
          {
            "name": "31787",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31787"
          },
          {
            "name": "29784",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29784"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
        },
        {
          "name": "31058",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31058"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "IZ20352",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352"
        },
        {
          "name": "ibm-db2-infrastructure-unspecified(45140)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45140"
        },
        {
          "name": "IZ19155",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
        },
        {
          "name": "29601",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29601"
        },
        {
          "name": "IZ20350",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350"
        },
        {
          "name": "31787",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31787"
        },
        {
          "name": "29784",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29784"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3856",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
            },
            {
              "name": "31058",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31058"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "IZ20352",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352"
            },
            {
              "name": "ibm-db2-infrastructure-unspecified(45140)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45140"
            },
            {
              "name": "IZ19155",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
            },
            {
              "name": "29601",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29601"
            },
            {
              "name": "IZ20350",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350"
            },
            {
              "name": "31787",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31787"
            },
            {
              "name": "29784",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29784"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3856",
    "datePublished": "2008-08-28T17:00:00",
    "dateReserved": "2008-08-28T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.414Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2010-3739 (GCVE-0-2010-3739)

Vulnerability from nvd – Published: 2010-10-05 17:00 – Updated: 2024-09-16 17:14

Summary

The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	ftp://public.dhe.ibm.com/ps/products/db2/fixes/en…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T03:18:53.198Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "JR34218",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-10-05T17:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "JR34218",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2010-3739",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in which database-level audit settings were intended, which might make it easier for remote attackers to connect without discovery."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JR34218",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR34218"
            },
            {
              "name": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://public.dhe.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2010-3739",
    "datePublished": "2010-10-05T17:00:00Z",
    "dateReserved": "2010-10-05T00:00:00Z",
    "dateUpdated": "2024-09-16T17:14:29.509Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-4150 (GCVE-0-2009-4150)

Vulnerability from nvd – Published: 2009-12-02 11:00 – Updated: 2024-09-16 23:35

Summary

dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://secunia.com/advisories/36890	third-party-advisoryx_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM
	http://securitytracker.com/id?1023242	vdb-entryx_refsource_SECTRACK
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://www.vupen.com/english/advisories/2009/3340	vdb-entryx_refsource_VUPEN
	http://secunia.com/advisories/37454	third-party-advisoryx_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T06:54:09.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "IZ40343",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343"
          },
          {
            "name": "IC64759",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759"
          },
          {
            "name": "36890",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36890"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403619"
          },
          {
            "name": "1023242",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1023242"
          },
          {
            "name": "IZ40340",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340"
          },
          {
            "name": "ADV-2009-3340",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/3340"
          },
          {
            "name": "37454",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/37454"
          },
          {
            "name": "IZ40352",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21386689"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-12-02T11:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "IZ40343",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343"
        },
        {
          "name": "IC64759",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759"
        },
        {
          "name": "36890",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36890"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403619"
        },
        {
          "name": "1023242",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1023242"
        },
        {
          "name": "IZ40340",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340"
        },
        {
          "name": "ADV-2009-3340",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/3340"
        },
        {
          "name": "37454",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/37454"
        },
        {
          "name": "IZ40352",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21386689"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-4150",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "IZ40343",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343"
            },
            {
              "name": "IC64759",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759"
            },
            {
              "name": "36890",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36890"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21403619",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21403619"
            },
            {
              "name": "1023242",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1023242"
            },
            {
              "name": "IZ40340",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340"
            },
            {
              "name": "ADV-2009-3340",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/3340"
            },
            {
              "name": "37454",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/37454"
            },
            {
              "name": "IZ40352",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21386689",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21386689"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-4150",
    "datePublished": "2009-12-02T11:00:00Z",
    "dateReserved": "2009-12-02T00:00:00Z",
    "dateUpdated": "2024-09-16T23:35:40.423Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0173 (GCVE-0-2009-0173)

Vulnerability from nvd – Published: 2009-01-16 21:00 – Updated: 2024-08-07 04:24

Summary

Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	http://securitytracker.com/id?1021591	vdb-entryx_refsource_SECTRACK
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	http://secunia.com/advisories/33529	third-party-advisoryx_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/0137	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/33258	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:24:17.975Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
          },
          {
            "name": "1021591",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021591"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
          },
          {
            "name": "IZ39652",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652"
          },
          {
            "name": "IZ39373",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
          },
          {
            "name": "ibm-db2-datastream-dos(47934)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47934"
          },
          {
            "name": "IZ39653",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653"
          },
          {
            "name": "33529",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33529"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
          },
          {
            "name": "ADV-2009-0137",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0137"
          },
          {
            "name": "33258",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33258"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
        },
        {
          "name": "1021591",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021591"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
        },
        {
          "name": "IZ39652",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652"
        },
        {
          "name": "IZ39373",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
        },
        {
          "name": "ibm-db2-datastream-dos(47934)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47934"
        },
        {
          "name": "IZ39653",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653"
        },
        {
          "name": "33529",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33529"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
        },
        {
          "name": "ADV-2009-0137",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0137"
        },
        {
          "name": "33258",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33258"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0173",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the server in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote authenticated users to cause a denial of service (trap) via a crafted data stream."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
            },
            {
              "name": "1021591",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021591"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
            },
            {
              "name": "IZ39652",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ39652"
            },
            {
              "name": "IZ39373",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39373"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
            },
            {
              "name": "ibm-db2-datastream-dos(47934)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47934"
            },
            {
              "name": "IZ39653",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ39653"
            },
            {
              "name": "33529",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33529"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
            },
            {
              "name": "ADV-2009-0137",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0137"
            },
            {
              "name": "33258",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33258"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0173",
    "datePublished": "2009-01-16T21:00:00",
    "dateReserved": "2009-01-16T00:00:00",
    "dateUpdated": "2024-08-07T04:24:17.975Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2009-0172 (GCVE-0-2009-0172)

Vulnerability from nvd – Published: 2009-01-16 21:00 – Updated: 2024-08-07 04:24

Summary

Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	http://securitytracker.com/id?1021591	vdb-entryx_refsource_SECTRACK
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://secunia.com/advisories/33529	third-party-advisoryx_refsource_SECUNIA
	http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM
	http://www.vupen.com/english/advisories/2009/0137	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/33258	vdb-entryx_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T04:24:18.155Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
          },
          {
            "name": "IZ36534",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534"
          },
          {
            "name": "1021591",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1021591"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
          },
          {
            "name": "IZ37696",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696"
          },
          {
            "name": "33529",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/33529"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
          },
          {
            "name": "ADV-2009-0137",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/0137"
          },
          {
            "name": "33258",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/33258"
          },
          {
            "name": "IZ37697",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697"
          },
          {
            "name": "ibm-db2-connect-stream-dos(47931)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47931"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-01-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
        },
        {
          "name": "IZ36534",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534"
        },
        {
          "name": "1021591",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1021591"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
        },
        {
          "name": "IZ37696",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696"
        },
        {
          "name": "33529",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/33529"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
        },
        {
          "name": "ADV-2009-0137",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/0137"
        },
        {
          "name": "33258",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/33258"
        },
        {
          "name": "IZ37697",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697"
        },
        {
          "name": "ibm-db2-connect-stream-dos(47931)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47931"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2009-0172",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in IBM DB2 8 before FP17a, 9.1 before FP6a, and 9.5 before FP3a allows remote attackers to cause a denial of service (infinite loop) via a crafted CONNECT data stream."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
            },
            {
              "name": "IZ36534",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ36534"
            },
            {
              "name": "1021591",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1021591"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
            },
            {
              "name": "IZ37696",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ37696"
            },
            {
              "name": "33529",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/33529"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21363936"
            },
            {
              "name": "ADV-2009-0137",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/0137"
            },
            {
              "name": "33258",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/33258"
            },
            {
              "name": "IZ37697",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ37697"
            },
            {
              "name": "ibm-db2-connect-stream-dos(47931)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/47931"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2009-0172",
    "datePublished": "2009-01-16T21:00:00",
    "dateReserved": "2009-01-16T00:00:00",
    "dateUpdated": "2024-08-07T04:24:18.155Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-3960 (GCVE-0-2008-3960)

Vulnerability from nvd – Published: 2008-09-09 14:00 – Updated: 2024-08-07 10:00

Summary

Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (service crash) via "malicious packets."

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/31058	vdb-entryx_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg…	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securitytracker.com/id?1020826	vdb-entryx_refsource_SECTRACK
	http://osvdb.org/48148	vdb-entryx_refsource_OSVDB
	http://secunia.com/advisories/31787	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T10:00:41.931Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
          },
          {
            "name": "31058",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31058"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21318189"
          },
          {
            "name": "JR29274",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274"
          },
          {
            "name": "db2-db2jds-dos(44984)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44984"
          },
          {
            "name": "1020826",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1020826"
          },
          {
            "name": "48148",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/48148"
          },
          {
            "name": "31787",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31787"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-09-01T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (service crash) via \"malicious packets.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
        },
        {
          "name": "31058",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31058"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21318189"
        },
        {
          "name": "JR29274",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274"
        },
        {
          "name": "db2-db2jds-dos(44984)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44984"
        },
        {
          "name": "1020826",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1020826"
        },
        {
          "name": "48148",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/48148"
        },
        {
          "name": "31787",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31787"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3960",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (service crash) via \"malicious packets.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
            },
            {
              "name": "31058",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31058"
            },
            {
              "name": "http://www-01.ibm.com/support/docview.wss?uid=swg21318189",
              "refsource": "CONFIRM",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21318189"
            },
            {
              "name": "JR29274",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1JR29274"
            },
            {
              "name": "db2-db2jds-dos(44984)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44984"
            },
            {
              "name": "1020826",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1020826"
            },
            {
              "name": "48148",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/48148"
            },
            {
              "name": "31787",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31787"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3960",
    "datePublished": "2008-09-09T14:00:00",
    "dateReserved": "2008-09-09T00:00:00",
    "dateUpdated": "2024-08-07T10:00:41.931Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-3853 (GCVE-0-2008-3853)

Vulnerability from nvd – Published: 2008-08-28 17:00 – Updated: 2024-08-07 09:53

Summary

Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www-1.ibm.com/support/docview.wss?uid=swg2…	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/29601	vdb-entryx_refsource_BID
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	http://secunia.com/advisories/29784	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.420Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "IZ12379",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379"
          },
          {
            "name": "ibm-db2-das-bo(45141)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45141"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
          },
          {
            "name": "29601",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29601"
          },
          {
            "name": "IZ12406",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406"
          },
          {
            "name": "29784",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29784"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "IZ12379",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379"
        },
        {
          "name": "ibm-db2-das-bo(45141)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45141"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
        },
        {
          "name": "29601",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29601"
        },
        {
          "name": "IZ12406",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406"
        },
        {
          "name": "29784",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29784"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3853",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "IZ12379",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379"
            },
            {
              "name": "ibm-db2-das-bo(45141)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45141"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
            },
            {
              "name": "29601",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29601"
            },
            {
              "name": "IZ12406",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406"
            },
            {
              "name": "29784",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29784"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3853",
    "datePublished": "2008-08-28T17:00:00",
    "dateReserved": "2008-08-28T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.420Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-3855 (GCVE-0-2008-3855)

Vulnerability from nvd – Published: 2008-08-28 17:00 – Updated: 2024-08-07 09:53

Summary

Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a "FILE CREATION VULNERABILITY." NOTE: this may be the same as CVE-2007-5664.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www-1.ibm.com/support/docview.wss?uid=swg2…	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	http://www.vupen.com/english/advisories/2008/1769	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/29601	vdb-entryx_refsource_BID
	http://secunia.com/advisories/30558	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.634Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "ibm-db2-adminserver-privilege-escalation(42932)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42932"
          },
          {
            "name": "IZ12735",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735"
          },
          {
            "name": "ADV-2008-1769",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1769"
          },
          {
            "name": "29601",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29601"
          },
          {
            "name": "30558",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30558"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a \"FILE CREATION VULNERABILITY.\" NOTE: this may be the same as CVE-2007-5664."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "ibm-db2-adminserver-privilege-escalation(42932)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42932"
        },
        {
          "name": "IZ12735",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735"
        },
        {
          "name": "ADV-2008-1769",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1769"
        },
        {
          "name": "29601",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29601"
        },
        {
          "name": "30558",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30558"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3855",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the DB2 Administration Server (DAS) in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a \"FILE CREATION VULNERABILITY.\" NOTE: this may be the same as CVE-2007-5664."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "ibm-db2-adminserver-privilege-escalation(42932)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42932"
            },
            {
              "name": "IZ12735",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12735"
            },
            {
              "name": "ADV-2008-1769",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1769"
            },
            {
              "name": "29601",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29601"
            },
            {
              "name": "30558",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30558"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3855",
    "datePublished": "2008-08-28T17:00:00",
    "dateReserved": "2008-08-28T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.634Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-3854 (GCVE-0-2008-3854)

Vulnerability from nvd – Published: 2008-08-28 17:00 – Updated: 2024-08-07 09:53

Summary

Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	http://www-1.ibm.com/support/docview.wss?uid=swg2…	x_refsource_CONFIRM
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www.securityfocus.com/archive/1/496406/100…	mailing-listx_refsource_BUGTRAQ
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	http://www.vupen.com/english/advisories/2008/1769	vdb-entryx_refsource_VUPEN
	http://www.securityfocus.com/bid/29601	vdb-entryx_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	http://secunia.com/advisories/30558	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.407Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "ibm-db2-multiple-bo(42935)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42935"
          },
          {
            "name": "20080916 Team SHATTER Security Advisory: IBM DB2 UDB - Buffer overrun in XMLQUERY and XMLEXISTS",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/496406/100/0/threaded"
          },
          {
            "name": "IZ18431",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431"
          },
          {
            "name": "ADV-2008-1769",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1769"
          },
          {
            "name": "29601",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29601"
          },
          {
            "name": "IZ18434",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434"
          },
          {
            "name": "ibm-db2-sqlrlaka-bo(42930)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42930"
          },
          {
            "name": "IZ16346",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346"
          },
          {
            "name": "30558",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30558"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-11T19:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "ibm-db2-multiple-bo(42935)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42935"
        },
        {
          "name": "20080916 Team SHATTER Security Advisory: IBM DB2 UDB - Buffer overrun in XMLQUERY and XMLEXISTS",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/496406/100/0/threaded"
        },
        {
          "name": "IZ18431",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431"
        },
        {
          "name": "ADV-2008-1769",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1769"
        },
        {
          "name": "29601",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29601"
        },
        {
          "name": "IZ18434",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434"
        },
        {
          "name": "ibm-db2-sqlrlaka-bo(42930)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42930"
        },
        {
          "name": "IZ16346",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346"
        },
        {
          "name": "30558",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30558"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3854",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "ibm-db2-multiple-bo(42935)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42935"
            },
            {
              "name": "20080916 Team SHATTER Security Advisory: IBM DB2 UDB - Buffer overrun in XMLQUERY and XMLEXISTS",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/496406/100/0/threaded"
            },
            {
              "name": "IZ18431",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431"
            },
            {
              "name": "ADV-2008-1769",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1769"
            },
            {
              "name": "29601",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29601"
            },
            {
              "name": "IZ18434",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434"
            },
            {
              "name": "ibm-db2-sqlrlaka-bo(42930)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42930"
            },
            {
              "name": "IZ16346",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346"
            },
            {
              "name": "30558",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30558"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3854",
    "datePublished": "2008-08-28T17:00:00",
    "dateReserved": "2008-08-28T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.407Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2008-3856 (GCVE-0-2008-3856)

Vulnerability from nvd – Published: 2008-08-28 17:00 – Updated: 2024-08-07 09:53

Summary

The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors.

Severity ?

No CVSS data available.

CWE

n/a

Assigner

mitre

References

URL

Tags

	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/31058	vdb-entryx_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg2…	x_refsource_CONFIRM
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	https://exchange.xforce.ibmcloud.com/vulnerabilit…	vdb-entryx_refsource_XF
	http://www-01.ibm.com/support/docview.wss?uid=swg…	vendor-advisoryx_refsource_AIXAPAR
	ftp://ftp.software.ibm.com/ps/products/db2/fixes/…	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/29601	vdb-entryx_refsource_BID
	http://www-1.ibm.com/support/docview.wss?uid=swg1…	vendor-advisoryx_refsource_AIXAPAR
	http://secunia.com/advisories/31787	third-party-advisoryx_refsource_SECUNIA
	http://secunia.com/advisories/29784	third-party-advisoryx_refsource_SECUNIA

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T09:53:00.414Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
          },
          {
            "name": "31058",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/31058"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
          },
          {
            "name": "IZ20352",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352"
          },
          {
            "name": "ibm-db2-infrastructure-unspecified(45140)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45140"
          },
          {
            "name": "IZ19155",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
          },
          {
            "name": "29601",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/29601"
          },
          {
            "name": "IZ20350",
            "tags": [
              "vendor-advisory",
              "x_refsource_AIXAPAR",
              "x_transferred"
            ],
            "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350"
          },
          {
            "name": "31787",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/31787"
          },
          {
            "name": "29784",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29784"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-06-09T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-08-07T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
        },
        {
          "name": "31058",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/31058"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
        },
        {
          "name": "IZ20352",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352"
        },
        {
          "name": "ibm-db2-infrastructure-unspecified(45140)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45140"
        },
        {
          "name": "IZ19155",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
        },
        {
          "name": "29601",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/29601"
        },
        {
          "name": "IZ20350",
          "tags": [
            "vendor-advisory",
            "x_refsource_AIXAPAR"
          ],
          "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350"
        },
        {
          "name": "31787",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/31787"
        },
        {
          "name": "29784",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29784"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2008-3856",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT"
            },
            {
              "name": "31058",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/31058"
            },
            {
              "name": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607",
              "refsource": "CONFIRM",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg21255607"
            },
            {
              "name": "IZ20352",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352"
            },
            {
              "name": "ibm-db2-infrastructure-unspecified(45140)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/45140"
            },
            {
              "name": "IZ19155",
              "refsource": "AIXAPAR",
              "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155"
            },
            {
              "name": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT",
              "refsource": "CONFIRM",
              "url": "ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT"
            },
            {
              "name": "29601",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/29601"
            },
            {
              "name": "IZ20350",
              "refsource": "AIXAPAR",
              "url": "http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350"
            },
            {
              "name": "31787",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/31787"
            },
            {
              "name": "29784",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29784"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2008-3856",
    "datePublished": "2008-08-28T17:00:00",
    "dateReserved": "2008-08-28T00:00:00",
    "dateUpdated": "2024-08-07T09:53:00.414Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

198 vulnerabilities found for db2_universal_database by ibm

CVE-2010-3739 (GCVE-0-2010-3739)

CVE-2009-4150 (GCVE-0-2009-4150)

CVE-2009-0173 (GCVE-0-2009-0173)

CVE-2009-0172 (GCVE-0-2009-0172)

CVE-2008-3960 (GCVE-0-2008-3960)

CVE-2008-3853 (GCVE-0-2008-3853)

CVE-2008-3855 (GCVE-0-2008-3855)

CVE-2008-3854 (GCVE-0-2008-3854)

CVE-2008-3856 (GCVE-0-2008-3856)

CVE-2010-3739 (GCVE-0-2010-3739)

CVE-2009-4150 (GCVE-0-2009-4150)

CVE-2009-0173 (GCVE-0-2009-0173)

CVE-2009-0172 (GCVE-0-2009-0172)

CVE-2008-3960 (GCVE-0-2008-3960)

CVE-2008-3853 (GCVE-0-2008-3853)

CVE-2008-3855 (GCVE-0-2008-3855)

CVE-2008-3854 (GCVE-0-2008-3854)

CVE-2008-3856 (GCVE-0-2008-3856)