Vulnerability in CLR Stored Procedure Deployment in IBM DB2 by IBM
CVE-2008-3852

Currently unrated

Key Information:

Vendor: IBM
Status: Db2 Universal Database
Vendor: CVE Published:; 28 August 2008

Summary

An unspecified vulnerability exists in the CLR stored procedure deployment within the IBM Database Add-Ins for Visual Studio, affecting versions of IBM DB2 prior to Fixpak 5 for version 9.1 and prior to Fixpak 2 for version 9.5. This flaw allows remote authenticated users to exploit the system by executing arbitrary code through unknown vectors, posing significant security risks to the integrity and confidentiality of the database environment.

References

http://www-1.ibm.com/support/docview.wss?uid=swg21255607

x_refsource_CONFIRM

http://www-1.ibm.com/support/docview.wss?uid=swg1JR28432

vendor-advisoryx_refsource_AIXAPAR

http://www.securitytracker.com/id?1020761

vdb-entryx_refsource_SECTRACK

Timeline

Vulnerability published
Aug 28, 2008
Vulnerability Reserved
Aug 28, 2008