CVE-2008-1997

Unspecified vulnerability in the ADMIN_SP_C2 procedure in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unknown vectors. NOTE: the ADMIN_SP_C issue is already covered by CVE-2008-0699.

Published: Apr 28, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-1997
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
ibm / db2	9.1-fp4	9.1-fp4.x
ibm / db2	9.1-fp1	9.1-fp1.x
ibm / db2	9.1-fp3	9.1-fp3.x
ibm / db2	9.1-fp3a	9.1-fp3a.x
ibm / db2	9.1-fp2a	9.1-fp2a.x
ibm / db2	9.1-fp2	9.1-fp2.x
ibm / db2	9.5	9.5.x
ibm / db2	9.1	9.1.x
ibm / db2	8.0	8.0.x
ibm / db2	8.0-fixpak1	8.0-fixpak1.x
ibm / db2	8.0-fixpak10	8.0-fixpak10.x
ibm / db2	8.0-fixpak11	8.0-fixpak11.x
ibm / db2	8.0-fixpak12	8.0-fixpak12.x
ibm / db2	8.0-fixpak13	8.0-fixpak13.x
ibm / db2	8.0-fixpak14	8.0-fixpak14.x
ibm / db2	8.0-fixpak15	8.0-fixpak15.x
ibm / db2	8.0-fixpak2	8.0-fixpak2.x
ibm / db2	8.0-fixpak3	8.0-fixpak3.x
ibm / db2	8.0-fixpak4	8.0-fixpak4.x
ibm / db2	8.0-fixpak5	8.0-fixpak5.x
ibm / db2	8.0-fixpak6	8.0-fixpak6.x
ibm / db2	8.0-fixpak6a	8.0-fixpak6a.x
ibm / db2	8.0-fixpak6b	8.0-fixpak6b.x
ibm / db2	8.0-fixpak6c	8.0-fixpak6c.x
ibm / db2	8.0-fixpak7	8.0-fixpak7.x
ibm / db2	8.0-fixpak7a	8.0-fixpak7a.x
ibm / db2	8.0-fixpak7b	8.0-fixpak7b.x
ibm / db2	8.0-fixpak8	8.0-fixpak8.x
ibm / db2	8.0-fixpak8a	8.0-fixpak8a.x
ibm / db2	8.0-fixpak9	8.0-fixpak9.x
ibm / db2	8.0-fixpak9a	8.0-fixpak9a.x

Vulnerability Database

289,871

CVE-2008-1997