Vulnerability Description
The Native Managed Provider for .NET component in IBM DB2 8 before FP17, 9.1 before FP6, and 9.5 before FP2, when a definer cannot maintain objects, preserves views and triggers without marking them inoperative or dropping them, which has unknown impact and attack vectors.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Db2 | <= 8.0 |
References
- ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APA
- http://secunia.com/advisories/31787
- http://secunia.com/advisories/32368Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22287
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22306
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22307
- http://www-01.ibm.com/support/docview.wss?uid=swg27013892
- http://www.vupen.com/english/advisories/2008/2893
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46021
- ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APA
- http://secunia.com/advisories/31787
- http://secunia.com/advisories/32368Vendor Advisory
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22287
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22306
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ22307
FAQ
What is CVE-2008-4692?
CVE-2008-4692 is a vulnerability with a CVSS score of 10.0 (HIGH). The Native Managed Provider for .NET component in IBM DB2 8 before FP17, 9.1 before FP6, and 9.5 before FP2, when a definer cannot maintain objects, preserves views and triggers without marking them i...
How severe is CVE-2008-4692?
CVE-2008-4692 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-4692?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Db2.