CVE-2008-1966

Multiple buffer overflows in the JAR file administration routines in the BSU JAVA subcomponent in IBM DB2 8 before FP16, 9.1 before FP4a, and 9.5 before FP1 allow remote authenticated users to cause a denial of service (instance crash) via a call to the (1) RECOVERJAR or (2) REMOVE_JAR procedure with a crafted parameter, related to (a) sqlj.install_jar and (b) sqlj.replace_jar.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:db2:8.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp1:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp10:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp11:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp12:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp13:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp14:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp15:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp2:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp3:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp4:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp4a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp5:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp6:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp6a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp6b:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp6c:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp7:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp7a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp7b:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp8:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp8a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp9:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:8.0:fp9a:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp2a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp3a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:*

History

No history.

Information

Published : 2008-04-27 18:05

Updated : 2024-02-04 17:33


NVD link : CVE-2008-1966

Mitre link : CVE-2008-1966

CVE.ORG link : CVE-2008-1966


JSON object : View

Products Affected

ibm

  • db2
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer