Unrated severityNVD Advisory· Published Sep 11, 2008· Updated Apr 23, 2026
CVE-2008-3958
CVE-2008-3958
Description
IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (instance crash) via a crafted CONNECT/ATTACH data stream that simulates a V7 client connect/attach request. NOTE: this may overlap CVE-2008-3858. NOTE: this issue exists because of an incomplete fix for CVE-2008-3959.
Affected products
24cpe:2.3:a:ibm:db2:8.0:*:*:*:*:*:*:*+ 22 more
- cpe:2.3:a:ibm:db2:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp10:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp11:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp12:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp13:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp14:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp15:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp2:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp3:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp4:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp5:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp6:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp6a:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp6b:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp6c:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp7:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp7a:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp7b:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp8:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp8a:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp9:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:8.0:fp9a:*:*:*:*:*:*
- cpe:2.3:a:ibm:db2:*:fp16:*:*:*:*:*:*range: <=8.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6News mentions
0No linked articles in our index yet.