Lucene search

[email protected]NVD:CVE-2008-3959

HistorySep 11, 2008 - 1:13 a.m.

CVE-2008-3959

2008-09-1101:13:47

[email protected]

web.nvd.nist.gov

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.2%

JSON

IBM DB2 UDB 8.1 before FixPak 16, 8.2 before FixPak 9, and 9.1 before FixPak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted SQLJRA packet within a CONNECT/ATTACH data stream that simulates a V7 client connect/attach request.

Affected configurations

NVD

Node

ibmdb2Range≤8.1fp15

ibmdb2Range≤8.2fp8

ibmdb2Match8.1fp1

ibmdb2Match8.1fp10

ibmdb2Match8.1fp11

ibmdb2Match8.1fp12

ibmdb2Match8.1fp13

ibmdb2Match8.1fp14

ibmdb2Match8.1fp2

ibmdb2Match8.1fp3

ibmdb2Match8.1fp4

ibmdb2Match8.1fp5

ibmdb2Match8.1fp6

ibmdb2Match8.1fp7

ibmdb2Match8.1fp8

ibmdb2Match8.1fp9

ibmdb2Match8.2

ibmdb2Match8.2fp1

ibmdb2Match8.2fp2

ibmdb2Match8.2fp3

ibmdb2Match8.2fp4

ibmdb2Match8.2fp5

ibmdb2Match8.2fp6

ibmdb2Match8.2fp7

References

secunia.com/advisories/29022

www-1.ibm.com/support/docview.wss?uid=swg1IZ05043

www.appsecinc.com/resources/alerts/db2/2008-01.shtml

exchange.xforce.ibmcloud.com/vulnerabilities/45134

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.2 Medium

AI Score

Confidence

High

0.007 Low

EPSS

Percentile

80.2%

JSON

Related for NVD:CVE-2008-3959

cve2 prion2 cvelist2 nvd1 ibm2