VYPR
Get started
← All advisories
Unrated severityNVD Advisory· Published Aug 28, 2008· Updated Apr 23, 2026

CVE-2008-3853

CVE-2008-3853

Description

Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676.

Affected products

16
  • IBM/Db2 Universal Database16 versions
    cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*+ 15 more
    • cpe:2.3:a:ibm:db2_universal_database:9.1:*:aix:*:*:*:*:*
    • cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:*:*:*:*:*
    • cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:*:*:*:*:*
    • cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:*:*:*:*:*
    • cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:*:*:*:*:*
    • cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:*:*:*:*:*
    • cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:*:*:*:*:*
    • cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:linux:*:*:*:*:*
    • cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:*:*:*:*:*
    • cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:*:*:*:*:*
    • cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:*:*:*:*:*
    • cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:*:*:*:*:*
    • cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:solaris:*:*:*:*:*
    • cpe:2.3:a:ibm:db2_universal_database:9.1:*:hp_ux:*:*:*:*:*
    • cpe:2.3:a:ibm:db2_universal_database:9.1:*:linux:*:*:*:*:*
    • cpe:2.3:a:ibm:db2_universal_database:9.1:*:solaris:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

7

News mentions

0

No linked articles in our index yet.