CVE-2008-3856

The routine infrastructure component in IBM DB2 8 before FP17, 9.1 before FP5, and 9.5 before FP1 on Unix and Linux does not change the ownership of the db2fmp process, which has unknown impact and attack vectors.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
VendorProductVersion
ibmdb2_universal_database
𝑥
≤ 8
ibmdb2_universal_database
𝑥
≤ 8
ibmdb2_universal_database
𝑥
≤ 8
ibmdb2_universal_database
𝑥
≤ 8
ibmdb2_universal_database
𝑥
≤ 9.1
ibmdb2_universal_database
𝑥
≤ 9.1
ibmdb2_universal_database
𝑥
≤ 9.1
ibmdb2_universal_database
𝑥
≤ 9.1
ibmdb2_universal_database
8.0
ibmdb2_universal_database
8.0
ibmdb2_universal_database
8.0
ibmdb2_universal_database
8.0
ibmdb2_universal_database
9.1
ibmdb2_universal_database
9.1
ibmdb2_universal_database
9.1
ibmdb2_universal_database
9.1
ibmdb2_universal_database
9.1:fp2
ibmdb2_universal_database
9.1:fp2
ibmdb2_universal_database
9.1:fp2
ibmdb2_universal_database
9.1:fp2
ibmdb2_universal_database
9.1:fp3
ibmdb2_universal_database
9.1:fp3
ibmdb2_universal_database
9.1:fp3
ibmdb2_universal_database
9.1:fp3
ibmdb2_universal_database
9.1:fp4
ibmdb2_universal_database
9.1:fp4
ibmdb2_universal_database
9.1:fp4
ibmdb2_universal_database
9.1:fp4
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
http://secunia.com/advisories/29784
http://secunia.com/advisories/31787
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352
http://www-1.ibm.com/support/docview.wss?uid=swg21255607
http://www.securityfocus.com/bid/29601
http://www.securityfocus.com/bid/31058
https://exchange.xforce.ibmcloud.com/vulnerabilities/45140
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT
ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
http://secunia.com/advisories/29784
http://secunia.com/advisories/31787
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ19155
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20350
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ20352
http://www-1.ibm.com/support/docview.wss?uid=swg21255607
http://www.securityfocus.com/bid/29601
http://www.securityfocus.com/bid/31058
https://exchange.xforce.ibmcloud.com/vulnerabilities/45140