CVE-2008-3853 Information

Description

Buffer overflow in the DAS server program in the Core DAS function component in IBM DB2 9.1 before FP4a and 9.5 before FP1 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via unspecified vectors. NOTE: this might be related to CVE-2007-3676.

Reference

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT http://secunia.com/advisories/29784 http://www.securityfocus.com/bid/29601 http://www-01.ibm.com/support/docview.wss?uid=swg1IZ12406 http://www-1.ibm.com/support/docview.wss?uid=swg1IZ12379 http://www-1.ibm.com/support/docview.wss?uid=swg21255607 https://exchange.xforce.ibmcloud.com/vulnerabilities/45141