Vulnerability Details CVE-2008-3858
The Downlevel DB2RA Support component in IBM DB2 9.1 before Fixpak 4a allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT data stream that simulates a V7 client connect request.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 76.0%
CVSS Severity
CVSS v2 Score 4.3
References
- http://osvdb.org/48428
- http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07299
- http://www-1.ibm.com/support/docview.wss?uid=swg21255607
- http://www.securityfocus.com/bid/29601
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45138
- http://osvdb.org/48428
- http://www-1.ibm.com/support/docview.wss?uid=swg1IZ07299
- http://www-1.ibm.com/support/docview.wss?uid=swg21255607
- http://www.securityfocus.com/bid/29601
- https://exchange.xforce.ibmcloud.com/vulnerabilities/45138
Products affected by CVE-2008-3858
-
cpe:2.3:a:ibm:db2_universal_database:9.1