CVE-2008-3854

Name of the Vulnerable Software and Affected Versions IBM DB2 versions 9.1 before Fixpak 5 IBM DB2 versions 9.5 before Fixpak 1

Description The issue is related to multiple stack-based buffer overflows that can cause a denial of service, resulting in a system outage. This can be triggered via various vectors, including the use of XQuery to issue statements, as well as the XMLQUERY, XMLEXISTS, and XMLTABLE statements. Additionally, the sqlrlaka function is also a vector for this issue.

Recommendations For IBM DB2 version 9.1, apply Fixpak 5 to resolve the issue. For IBM DB2 version 9.5, apply Fixpak 1 to resolve the issue.