CVE-2008-3854 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2008-3854
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2008-3854

Description: Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/42935 http://xforce.iss.net/xforce/xfdb/42930 SAID Secunia Advisory: SA30558 CONFIRM http://www-1.ibm.com/support/docview.wss?uid=swg21255607 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/496406/100/0/threaded BID 29601 AIXAPAR http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431 http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434 http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346

Return to the previous page.