Unspecified vulnerability in the ADMIN_SP_C2 procedure in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unknown vectors. NOTE: the ADMIN_SP_C issue is already covered by CVE-2008-0699.
References
Link | Resource |
---|---|
http://secunia.com/advisories/29022 | Not Applicable |
http://securityreason.com/securityalert/3841 | Issue Tracking Third Party Advisory |
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06972 | Vendor Advisory |
http://www.appsecinc.com/resources/alerts/db2/2008-02.shtml | Not Applicable |
http://www.securityfocus.com/archive/1/491075/100/0/threaded | Third Party Advisory VDB Entry |
Configurations
Configuration 1 (hide)
|
History
17 Jan 2023, 17:19
Type | Values Removed | Values Added |
---|---|---|
References | (AIXAPAR) http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06972 - Vendor Advisory | |
References | (BUGTRAQ) http://www.securityfocus.com/archive/1/491075/100/0/threaded - Third Party Advisory, VDB Entry | |
References | (MISC) http://www.appsecinc.com/resources/alerts/db2/2008-02.shtml - Not Applicable | |
References | (SREASON) http://securityreason.com/securityalert/3841 - Issue Tracking, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/29022 - Not Applicable | |
First Time |
Ibm db2
|
|
CPE | cpe:2.3:a:ibm:db2:8.0:-:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak15:*:*:*:*:*:* cpe:2.3:a:ibm:db2:9.1:fp3a:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak1:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak12:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak6c:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak7:*:*:*:*:*:* cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak13:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak3:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak14:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak9:*:*:*:*:*:* cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:* cpe:2.3:a:ibm:db2:9.1:-:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak4:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak5:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak10:*:*:*:*:*:* cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak8:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak9a:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak2:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak6a:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak7b:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak11:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak6:*:*:*:*:*:* cpe:2.3:a:ibm:db2:9.5:-:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak7a:*:*:*:*:*:* cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak8a:*:*:*:*:*:* cpe:2.3:a:ibm:db2:9.1:fp2a:*:*:*:*:*:* cpe:2.3:a:ibm:db2:8.0:fixpak6b:*:*:*:*:*:* |
Information
Published : 2008-04-28 20:05
Updated : 2023-12-10 10:51
NVD link : CVE-2008-1997
Mitre link : CVE-2008-1997
CVE.ORG link : CVE-2008-1997
JSON object : View
Products Affected
ibm
- db2
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')