CVE-2008-0699

Sažetak

Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors.

Reference

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
http://osvdb.org/41795
http://secunia.com/advisories/28771
http://secunia.com/advisories/29022
http://secunia.com/advisories/29784
http://www.appsecinc.com/resources/alerts/db2/2008-02.shtml
http://www.securityfocus.com/archive/1/491075/100/0/threaded
http://www.vupen.com/english/advisories/2008/0401
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06972
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06973
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ10917

CVSS

Base:	9.0
Impact:	10.0
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:S/C:C/I:C/A:C

Zadnje važnije ažuriranje

01-11-2018 - 15:01

Objavljeno

12-02-2008 - 01:00