CVE-2008-3959
Severity:
Pending analysis
Type:
Unavailable / Other
Publication date:
11/09/2008
Last modified:
08/08/2017
Description
IBM DB2 UDB 8.1 before FixPak 16, 8.2 before FixPak 9, and 9.1 before FixPak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted SQLJRA packet within a CONNECT/ATTACH data stream that simulates a V7 client connect/attach request.
Impact
Base Score 2.0
5.00
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:ibm:db2:*:fp15:*:*:*:*:*:* | 8.1 (including) | |
cpe:2.3:a:ibm:db2:*:fp8:*:*:*:*:*:* | 8.2 (including) | |
cpe:2.3:a:ibm:db2:8.1:fp1:*:*:*:*:*:* | ||
cpe:2.3:a:ibm:db2:8.1:fp10:*:*:*:*:*:* | ||
cpe:2.3:a:ibm:db2:8.1:fp11:*:*:*:*:*:* | ||
cpe:2.3:a:ibm:db2:8.1:fp12:*:*:*:*:*:* | ||
cpe:2.3:a:ibm:db2:8.1:fp13:*:*:*:*:*:* | ||
cpe:2.3:a:ibm:db2:8.1:fp14:*:*:*:*:*:* | ||
cpe:2.3:a:ibm:db2:8.1:fp2:*:*:*:*:*:* | ||
cpe:2.3:a:ibm:db2:8.1:fp3:*:*:*:*:*:* | ||
cpe:2.3:a:ibm:db2:8.1:fp4:*:*:*:*:*:* | ||
cpe:2.3:a:ibm:db2:8.1:fp5:*:*:*:*:*:* | ||
cpe:2.3:a:ibm:db2:8.1:fp6:*:*:*:*:*:* | ||
cpe:2.3:a:ibm:db2:8.1:fp7:*:*:*:*:*:* | ||
cpe:2.3:a:ibm:db2:8.1:fp8:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page