CVE-2008-3960

CWE-20 — Improper Input Validation3 documents3 sources

Severity

5.0MEDIUM

EPSS

1.4%

top 19.42%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM DB2 Universal Database

Timeline

PublishedSep 11

Latest updateMay 3

Description

Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial of service (service crash) via "malicious packets."

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/db2_universal_database8.2+1

🔴Vulnerability Details

GHSA

GHSA-jpcf-q9v6-ghjf: Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial o↗2022-05-03

▶

CVEList

CVE-2008-3960: Unspecified vulnerability in the JDBC Applet Server Service (aka db2jds) in IBM DB2 UDB 8 before Fixpak 17 allows remote attackers to cause a denial o↗2008-09-09

▶