Unrated severityNVD Advisory· Published Apr 27, 2008· Updated Apr 23, 2026
CVE-2008-1966
CVE-2008-1966
Description
Multiple buffer overflows in the JAR file administration routines in the BSU JAVA subcomponent in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allow remote authenticated users to cause a denial of service (instance crash) via a call to the (1) RECOVERJAR or (2) REMOVE_JAR procedure with a crafted parameter, related to (a) sqlj.install_jar and (b) sqlj.replace_jar.
Affected products
32cpe:2.3:a:ibm:db2:8.0:*:*:*:*:*:*:*+ 31 more
- cpe:2.3:a:ibm:db2:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp1:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp10:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp11:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp12:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp13:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp14:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp15:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp2:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp3:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp4:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp4a:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp5:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp6:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp6a:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp6b:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp6c:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp7:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp7a:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp7b:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp8:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp8a:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp9:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp9a:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp2a:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp3a:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- secunia.com/advisories/29022nvdVendor Advisory
- osvdb.org/46268nvd
- osvdb.org/46269nvd
- www-1.ibm.com/support/docview.wssnvd
- www-1.ibm.com/support/docview.wssnvd
- www-1.ibm.com/support/docview.wssnvd
- www-1.ibm.com/support/docview.wssnvd
- www.appsecinc.com/resources/alerts/db2/2008-04.shtmlnvd
- www.securityfocus.com/archive/1/491071/100/0/threadednvd
- www.securityfocus.com/bid/28835nvd
- www.securityfocus.com/bid/29601nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/41955nvd
News mentions
0No linked articles in our index yet.