CVE-2008-0698

Published: Feb 12, 2008Modified: Apr 23, 2026

7.8

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Exploitability: 10.0 / Impact: 6.9

Source: NVD

Description

Buffer overflow in the DAS server in IBM DB2 UDB before 8.2 Fixpak 16 has unknown attack vectors, and an impact probably involving "invalid memory access."

Affected (1)

Products: Ibm: Db2

Ibm

1 product

Db2

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Ibm Db2	Version 8.2_fixpack15

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (10)

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT (unsafe URL)

Source: cve@mitre.org

http://secunia.com/advisories/28771

Source: cve@mitre.org

Vendor Advisory

http://www-1.ibm.com/support/docview.wss?uid=swg1IZ05496

Source: cve@mitre.org

http://www.securityfocus.com/bid/27681

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2008/0401

Source: cve@mitre.org

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT (unsafe URL)