Lucene search

[email protected]CVE-2008-0699

HistoryFeb 12, 2008 - 1:00 a.m.

CVE-2008-0699

2008-02-1201:00:00

[email protected]

web.nvd.nist.gov

cve-2008-0699

ibm

db2

udb

vulnerability

admin_sp_c

arbitrary code

remote authenticated users

nvd

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.02 Low

EPSS

Percentile

88.9%

JSON

Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors.

Affected configurations

NVD

Node

ibmdb2Match8.2fp1

ibmdb2Match8.2fp10

ibmdb2Match8.2fp11

ibmdb2Match8.2fp12

ibmdb2Match8.2fp13

ibmdb2Match8.2fp14

ibmdb2Match8.2fp15

ibmdb2Match8.2fp16

ibmdb2Match8.2fp2

ibmdb2Match8.2fp3

ibmdb2Match8.2fp4

ibmdb2Match8.2fp5

ibmdb2Match8.2fp6

ibmdb2Match8.2fp7

ibmdb2Match8.2fp8

ibmdb2Match8.2fp9

ibmdb2Match9.1

ibmdb2Match9.1fp1

ibmdb2Match9.1fp2

ibmdb2Match9.1fp2a

ibmdb2Match9.1fp3

ibmdb2Match9.1fp3a

ibmdb2Match9.1fp4

ibmdb2Match9.5

CPENameOperatorVersion
ibm:db2ibm db2eq8.2
ibm:db2ibm db2eq9.1
ibm:db2ibm db2eq9.5

CPE	Name	Operator	Version
ibm:db2	ibm db2	eq	8.2
ibm:db2	ibm db2	eq	9.1
ibm:db2	ibm db2	eq	9.5

References

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT

osvdb.org/41795

secunia.com/advisories/28771

secunia.com/advisories/29022

secunia.com/advisories/29784

www-1.ibm.com/support/docview.wss?uid=swg1IZ06972

www-1.ibm.com/support/docview.wss?uid=swg1IZ06973

www-1.ibm.com/support/docview.wss?uid=swg1IZ10917

www.appsecinc.com/resources/alerts/db2/2008-02.shtml

www.securityfocus.com/archive/1/491075/100/0/threaded

www.vupen.com/english/advisories/2008/0401

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

7 High

AI Score

Confidence

Low

0.02 Low

EPSS

Percentile

88.9%

JSON

Related for CVE-2008-0699

prion2 nvd2 cvelist2 cve1