CVE-2008-0699

Unspecified vulnerability in the ADMIN_SP_C procedure (SYSPROC.ADMIN_SP_C) in IBM DB2 UDB before 8.2 Fixpak 16, 9.1 before FP4a, and 9.5 before FP1 allows remote authenticated users to execute arbitrary code via unspecified attack vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
9 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
VendorProductVersion
ibmdb2
8.2:fp1
ibmdb2
8.2:fp10
ibmdb2
8.2:fp11
ibmdb2
8.2:fp12
ibmdb2
8.2:fp13
ibmdb2
8.2:fp14
ibmdb2
8.2:fp15
ibmdb2
8.2:fp16
ibmdb2
8.2:fp2
ibmdb2
8.2:fp3
ibmdb2
8.2:fp4
ibmdb2
8.2:fp5
ibmdb2
8.2:fp6
ibmdb2
8.2:fp7
ibmdb2
8.2:fp8
ibmdb2
8.2:fp9
ibmdb2
9.1
ibmdb2
9.1:fp1
ibmdb2
9.1:fp2
ibmdb2
9.1:fp2a
ibmdb2
9.1:fp3
ibmdb2
9.1:fp3a
ibmdb2
9.1:fp4
ibmdb2
9.5
𝑥
= Vulnerable software versions
References
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
http://osvdb.org/41795
http://secunia.com/advisories/28771
http://secunia.com/advisories/29022
http://secunia.com/advisories/29784
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06972
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06973
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ10917
http://www.appsecinc.com/resources/alerts/db2/2008-02.shtml
http://www.securityfocus.com/archive/1/491075/100/0/threaded
http://www.vupen.com/english/advisories/2008/0401
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
http://osvdb.org/41795
http://secunia.com/advisories/28771
http://secunia.com/advisories/29022
http://secunia.com/advisories/29784
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06972
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ06973
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ10917
http://www.appsecinc.com/resources/alerts/db2/2008-02.shtml
http://www.securityfocus.com/archive/1/491075/100/0/threaded
http://www.vupen.com/english/advisories/2008/0401