Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-3854
HistoryAug 28, 2008 - 5:41 p.m.

CVE-2008-3854

2008-08-2817:41:00
CWE-119
[email protected]
web.nvd.nist.gov
21
ibm db2
buffer overflow
denial of service
cve-2008-3854
security vulnerability
nvd

6.4 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.139 Low

EPSS

Percentile

95.7%

JSON

Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function.

Affected configurations

NVD
Node
ibmdb2_universal_databaseMatch9.1aix
OR
ibmdb2_universal_databaseMatch9.1hp_ux
OR
ibmdb2_universal_databaseMatch9.1linux
OR
ibmdb2_universal_databaseMatch9.1solaris
OR
ibmdb2_universal_databaseMatch9.1windows
OR
ibmdb2_universal_databaseMatch9.1fp2aix
OR
ibmdb2_universal_databaseMatch9.1fp2hp-ux
OR
ibmdb2_universal_databaseMatch9.1fp2linux
OR
ibmdb2_universal_databaseMatch9.1fp2solaris
OR
ibmdb2_universal_databaseMatch9.1fp2windows
OR
ibmdb2_universal_databaseMatch9.1fp3aix
OR
ibmdb2_universal_databaseMatch9.1fp3hp-ux
OR
ibmdb2_universal_databaseMatch9.1fp3linux
OR
ibmdb2_universal_databaseMatch9.1fp3solaris
OR
ibmdb2_universal_databaseMatch9.1fp3windows
OR
ibmdb2_universal_databaseMatch9.1fp4aix
OR
ibmdb2_universal_databaseMatch9.1fp4hp-ux
OR
ibmdb2_universal_databaseMatch9.1fp4linux
OR
ibmdb2_universal_databaseMatch9.1fp4solaris
OR
ibmdb2_universal_databaseMatch9.1fp4windows
OR
ibmdb2_universal_databaseMatch9.1fp4aaix
OR
ibmdb2_universal_databaseMatch9.1fp4ahp-ux
OR
ibmdb2_universal_databaseMatch9.1fp4alinux
OR
ibmdb2_universal_databaseMatch9.1fp4asolaris
OR
ibmdb2_universal_databaseMatch9.1fp4awindows
OR
ibmdb2_universal_databaseMatch9.5aix
OR
ibmdb2_universal_databaseMatch9.5hp-ux
OR
ibmdb2_universal_databaseMatch9.5linux
OR
ibmdb2_universal_databaseMatch9.5solaris
OR
ibmdb2_universal_databaseMatch9.5windows

Related

prion 1
nvd 1
cvelist 1
checkpoint_advisories 1
securityvulns 2
nessus 2
prion
prion
Stack overflow
2008-08-28 17:41:00
nvd
nvd
CVE-2008-3854
2008-08-28 17:41:00
cvelist
cvelist
CVE-2008-3854
2008-08-28 17:00:00
checkpoint_advisories
checkpoint_advisories
IBM DB2 Universal Database XML Query Buffer Overflow (CVE-2008-3854)
2009-11-16 00:00:00
securityvulns
securityvulns
Team SHATTER Security Advisory: IBM DB2 UDB - Buffer overrun in XMLQUERY and XMLEXISTS
2008-09-22 00:00:00
IBM DB2 multiple security vulnerabilities
2008-09-22 00:00:00
nessus
nessus
IBM DB2 < 9.5 Fix Pack 1 Multiple Vulnerabilities
2008-07-30 00:00:00
IBM DB2 < 9 Fix Pack 5 Multiple Vulnerabilities
2008-06-10 00:00:00

6.4 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.139 Low

EPSS

Percentile

95.7%

JSON
Related for CVE-2008-3854
prion1nvd1cvelist1checkpoint_advisories1securityvulns2nessus2