PT-2008-3518 · Ibm · Ibm Db2
Published
2008-04-28
·
Updated
2023-01-17
·
CVE-2008-1997
CVSS v2.0
9.0
High
| Vector | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM DB2 versions 8.0 through 8.0 FP15
IBM DB2 versions 9.1 through 9.1 FP3
IBM DB2 versions 9.5 through 9.5 FP0
Description
The issue allows remote authenticated users to execute arbitrary code via unknown vectors in the ADMIN SP C2 procedure.
Recommendations
For IBM DB2 version 8, update to FP16 or later.
For IBM DB2 version 9.1, update to FP4a or later.
For IBM DB2 version 9.5, update to FP1 or later.
Fix
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Ibm Db2