CVE-2008-3854 [High] | Memory Corruption in Db2 Universal Database

Multiple stack-based buffer overflows in IBM DB2 9.1 before Fixpak 5 and 9.5 before Fixpak 1 allow remote attackers to cause a denial of service (system outage) via vectors related to (1) use of XQuery to issue statements; the (2) XMLQUERY, (3) XMLEXISTS, and (4) XMLTABLE statements; and the (5) sqlrlaka function.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2026-06-15	5.36%	3.68%	-1.67%
2	2026-04-29	7.10%	5.36%	-1.74%
3	2025-10-18	—	7.10%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2026-06-15

5.36%

3.68%

-1.67%

2026-04-29

7.10%

5.36%

-1.74%

2025-10-18

—

7.10%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
7.8	2.0	HIGH	`AV:N/AC:L/Au:N/C:N/I:N/A:C` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:L) Exploitation conditions are straightforward and predictable. Authentication (AU:N) No authentication is required. Confidentiality impact (C:N) No confidentiality impact. Integrity impact (I:N) No integrity impact. Availability impact (A:C) Complete availability impact.	10.0	6.9	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

7.8

2.0

HIGH

AV:N/AC:L/Au:N/C:N/I:N/A:C Click to expand

Access vector (AV:N): Can be exploited remotely over network reachability.
Access complexity (AC:L): Exploitation conditions are straightforward and predictable.
Authentication (AU:N): No authentication is required.
Confidentiality impact (C:N): No confidentiality impact.
Integrity impact (I:N): No integrity impact.
Availability impact (A:C): Complete availability impact.

10.0

6.9

[email protected]

Affected software / configurations for CVE-2008-3854

Vendor	Product	Version	Raw CPE
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1::aix:::::
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1::hp_ux:::::
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1::linux:::::
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1::solaris:::::
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1::windows:::::
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:aix:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:hp-ux:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:linux:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:solaris:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp2:windows:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:aix:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:hp-ux:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:linux:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:solaris:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp3:windows:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:aix:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:hp-ux:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:linux:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:solaris:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp4:windows:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:aix:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:hp-ux:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:linux:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:solaris:::::*
ibm	db2_universal_database	9.1	cpe:2.3:a:ibm:db2_universal_database:9.1:fp4a:windows:::::*
ibm	db2_universal_database	9.5	cpe:2.3:a:ibm:db2_universal_database:9.5::aix:::::
ibm	db2_universal_database	9.5	cpe:2.3:a:ibm:db2_universal_database:9.5::hp-ux:::::
ibm	db2_universal_database	9.5	cpe:2.3:a:ibm:db2_universal_database:9.5::linux:::::
ibm	db2_universal_database	9.5	cpe:2.3:a:ibm:db2_universal_database:9.5::solaris:::::
ibm	db2_universal_database	9.5	cpe:2.3:a:ibm:db2_universal_database:9.5::windows:::::

References for CVE-2008-3854

URL	Tags
http://secunia.com/advisories/30558	Patch Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ16346	Patch
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18431
http://www-1.ibm.com/support/docview.wss?uid=swg1IZ18434	Patch
http://www-1.ibm.com/support/docview.wss?uid=swg21255607	Patch
http://www.securityfocus.com/archive/1/496406/100/0/threaded
http://www.securityfocus.com/bid/29601	Patch
http://www.vupen.com/english/advisories/2008/1769	Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/42930
https://exchange.xforce.ibmcloud.com/vulnerabilities/42935

URL

CVE-2008-3854

Exploit prediction scoring system (EPSS) score for CVE-2008-3854

Common vulnerability scoring system (CVSS) metrics for CVE-2008-3854

Weakness enumeration for CVE-2008-3854

Affected software / configurations for CVE-2008-3854

References for CVE-2008-3854