Vulnerability Description
Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Db2 | 8.2 |
References
- ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APAVendor Advisory
- http://osvdb.org/41795Broken Link
- http://secunia.com/advisories/28771Third Party Advisory
- http://secunia.com/advisories/29022Third Party Advisory
- http://secunia.com/advisories/29784Third Party Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06972PatchVendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06973PatchVendor Advisory
- http://www-1.ibm.com/support/docview.wss?uid=swg1IZ10917PatchVendor Advisory
- http://www.appsecinc.com/resources/alerts/db2/2008-02.shtmlThird Party Advisory
- http://www.securityfocus.com/archive/1/491075/100/0/threadedThird Party AdvisoryVDB Entry
- http://www.vupen.com/english/advisories/2008/0401Third Party Advisory
- ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APAVendor Advisory
- http://osvdb.org/41795Broken Link
- http://secunia.com/advisories/28771Third Party Advisory
- http://secunia.com/advisories/29022Third Party Advisory
FAQ
What is CVE-2008-0699?
CVE-2008-0699 is a vulnerability with a CVSS score of 9.0 (HIGH). Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitra...
How severe is CVE-2008-0699?
CVE-2008-0699 has been rated HIGH with a CVSS base score of 9.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-0699?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Db2.