CVE-2008-3959

Description

IBM DB2 UDB 8.1 before FixPak 16, 8.2 before FixPak 9, and 9.1 before FixPak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted SQLJRA packet within a CONNECT/ATTACH data stream that simulates a V7 client connect/attach request.

Software From Fixed in
ibm / db2 - 8.1.x
ibm / db2 - 8.2.x
ibm / db2 8.1-fp1 8.1-fp1.x
ibm / db2 8.1-fp10 8.1-fp10.x
ibm / db2 8.1-fp11 8.1-fp11.x
ibm / db2 8.1-fp12 8.1-fp12.x
ibm / db2 8.1-fp13 8.1-fp13.x
ibm / db2 8.1-fp14 8.1-fp14.x
ibm / db2 8.1-fp2 8.1-fp2.x
ibm / db2 8.1-fp3 8.1-fp3.x
ibm / db2 8.1-fp4 8.1-fp4.x
ibm / db2 8.1-fp5 8.1-fp5.x
ibm / db2 8.1-fp6 8.1-fp6.x
ibm / db2 8.1-fp7 8.1-fp7.x
ibm / db2 8.1-fp8 8.1-fp8.x
ibm / db2 8.1-fp9 8.1-fp9.x
ibm / db2 8.2 8.2.x
ibm / db2 8.2-fp1 8.2-fp1.x
ibm / db2 8.2-fp2 8.2-fp2.x
ibm / db2 8.2-fp3 8.2-fp3.x
ibm / db2 8.2-fp4 8.2-fp4.x
ibm / db2 8.2-fp5 8.2-fp5.x
ibm / db2 8.2-fp6 8.2-fp6.x
ibm / db2 8.2-fp7 8.2-fp7.x