Buffer Overflow in IBM DB2 DAS Server Program
CVE-2008-3853

Currently unrated

Key Information:

Vendor: IBM
Status: Db2 Universal Database
Vendor: CVE Published:; 28 August 2008

Summary

A vulnerability exists in the DAS server program of IBM's DB2 database, specifically within the Core DAS function component. This flaw can allow remote attackers to exploit the buffer overflow, leading to the execution of arbitrary code or a denial of service, manifesting as a crash of the daemon. The issue affects versions of IBM DB2 prior to fixes in version 9.1 FP4a and version 9.5 FP1. It is crucial for users to apply the latest patches to mitigate the risks associated with this vulnerability, which may also relate to previous vulnerabilities.

References

http://www-1.ibm.com/support/docview.wss?uid=swg21255607

x_refsource_CONFIRM

http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379

vendor-advisoryx_refsource_AIXAPAR

https://exchange.xforce.ibmcloud.com/vulnerabilities/45141

vdb-entryx_refsource_XF

EPSS Score

14% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 28, 2008
Vulnerability Reserved
Aug 28, 2008