NVD

Id
3719  
Name
CVE-2008-3857  
Description
The Base Service Utilities component in IBM DB2 9.1 before Fixpak 5 retains a cleartext password in memory after the database connection that sent the password is fully established, which might allow local users to obtain sensitive information by reading a memory dump.  
Reject
 
CVSS Version
2  
CVSS Score
4.6  
Severity
Medium  
CVSS Base Score
4.6  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
3.9  
CVSS Vector
(AV:L/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-03  
Published
2008-08-28  
Modified Date
2011-03-07  
Seq
2008-3857  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
23546 3719 CVE-2008-3857 JR27422  View
23547 3719 CVE-2008-3857 http://www-1.ibm.com/support/docview.wss?uid=swg21255607  View
23548 3719 CVE-2008-3857 29601  View
23549 3719 CVE-2008-3857 ADV-2008-1769  View
23550 3719 CVE-2008-3857 ibm-db2-baseservices-info-disclosure(45139)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
49495 JVNDB-2008-004805 IBM DB2 の Base Service Utilities コンポーネントにおける重要な情報を取得される脆弱性 IBM DB2 の Base Service Utilities コンポーネントは、パスワードを送信し、データベース接続を完全に確立した後、平文パスワードをメモリ内に残すため、重要な情報を取得される脆弱性が存在します。 CVE-2008-3857 33970 CVE-2008-3857 3719 4.6 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-004805.html 2008-08-28 2012-09-25 View