PT-2008-1439 · Ibm · Ibm Db2 Universal Database (Udb) Administration Server

Published

2008-02-12

Updated

2008-09-05

CVE-2007-3676

CVSS v2.0

High

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions IBM DB2 Universal Database (UDB) Administration Server (DAS) versions 8 before Fix Pack 16 IBM DB2 Universal Database (UDB) Administration Server (DAS) versions 9 before Fix Pack 4

Description The issue allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via modified pointer values in unspecified remote administration requests. This triggers memory corruption or other invalid memory access.

Recommendations For IBM DB2 Universal Database (UDB) Administration Server (DAS) versions 8 before Fix Pack 16, apply Fix Pack 16 to resolve the issue. For IBM DB2 Universal Database (UDB) Administration Server (DAS) versions 9 before Fix Pack 4, apply Fix Pack 4 to resolve the issue.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CVE-2007-3676

Affected Products

Ibm Db2 Universal Database (Udb) Administration Server

PT-2008-1439 · Ibm · Ibm Db2 Universal Database (Udb) Administration Server

CVE-2007-3676

Weakness Enumeration

Related Identifiers

Affected Products

References · 3