CVE-2008-3959

IBM DB2 UDB 8.1 before FixPak 16, 8.2 before FixPak 9, and 9.1 before FixPak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted SQLJRA packet within a CONNECT/ATTACH data stream that simulates a V7 client connect/attach request.

Published: Sep 11, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-3959
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
ibm / db2	8.1-fp1	8.1-fp1.x
ibm / db2	8.1-fp10	8.1-fp10.x
ibm / db2	8.2-fp7	8.2-fp7.x
ibm / db2	8.1-fp2	8.1-fp2.x
ibm / db2	8.1-fp5	8.1-fp5.x
ibm / db2	8.2-fp5	8.2-fp5.x
ibm / db2	8.2-fp3	8.2-fp3.x
ibm / db2	8.1-fp8	8.1-fp8.x
ibm / db2	8.2-fp2	8.2-fp2.x
ibm / db2	8.1-fp14	8.1-fp14.x
ibm / db2	8.1-fp11	8.1-fp11.x
ibm / db2	8.1-fp7	8.1-fp7.x
ibm / db2	8.2-fp6	8.2-fp6.x
ibm / db2	8.1-fp12	8.1-fp12.x
ibm / db2	8.1-fp4	8.1-fp4.x
ibm / db2	-	8.2.x
ibm / db2	8.1-fp6	8.1-fp6.x
ibm / db2	-	8.1.x
ibm / db2	8.1-fp13	8.1-fp13.x
ibm / db2	8.1-fp3	8.1-fp3.x
ibm / db2	8.1-fp9	8.1-fp9.x
ibm / db2	8.2-fp1	8.2-fp1.x
ibm / db2	8.2	8.2.x
ibm / db2	8.2-fp4	8.2-fp4.x

Vulnerability Database

289,871

CVE-2008-3959