Lucene search
HistoryApr 28, 2008 - 8:05 p.m.
CVE-2008-1997
ibm
db2
vulnerability
remote code execution
cve-2008-1997
nvd
9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
6.9 Medium
AI Score
Confidence
Low
0.02 Low
EPSS
Percentile
88.9%
Unspecified vulnerability in the ADMIN_SP_C2 procedure in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unknown vectors. NOTE: the ADMIN_SP_C issue is already covered by CVE-2008-0699.
Affected configurations
Node
ibmdb2Match8.0-
ORibmdb2Match8.0fixpak1
ORibmdb2Match8.0fixpak10
ORibmdb2Match8.0fixpak11
ORibmdb2Match8.0fixpak12
ORibmdb2Match8.0fixpak13
ORibmdb2Match8.0fixpak14
ORibmdb2Match8.0fixpak15
ORibmdb2Match8.0fixpak2
ORibmdb2Match8.0fixpak3
ORibmdb2Match8.0fixpak4
ORibmdb2Match8.0fixpak5
ORibmdb2Match8.0fixpak6
ORibmdb2Match8.0fixpak6a
ORibmdb2Match8.0fixpak6b
ORibmdb2Match8.0fixpak6c
ORibmdb2Match8.0fixpak7
ORibmdb2Match8.0fixpak7a
ORibmdb2Match8.0fixpak7b
ORibmdb2Match8.0fixpak8
ORibmdb2Match8.0fixpak8a
ORibmdb2Match8.0fixpak9
ORibmdb2Match8.0fixpak9a
ORibmdb2Match9.1-
ORibmdb2Match9.1fp1
ORibmdb2Match9.1fp2
ORibmdb2Match9.1fp2a
ORibmdb2Match9.1fp3
ORibmdb2Match9.1fp3a
ORibmdb2Match9.1fp4
ORibmdb2Match9.5-
Related
cvelist
cvelist
CVE-2008-1997
2008-04-28 18:21:00
CVE-2008-0699
2008-02-12 00:00:00
nvd
nvd
CVE-2008-1997
2008-04-28 20:05:00
CVE-2008-0699
2008-02-12 01:00:00
prion
prion
Code injection
2008-04-28 20:05:00
Code injection
2008-02-12 01:00:00
nessus
nessus
IBM DB2 < 9.5 Fix Pack 1 Multiple Vulnerabilities
2008-07-30 00:00:00
cve
cve
CVE-2008-0699
2008-02-12 01:00:00
9 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:C/I:C/A:C
6.9 Medium
AI Score
Confidence
Low
0.02 Low
EPSS
Percentile
88.9%
Related for CVE-2008-1997