Описание
The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a (1) sequence or (2) global-variable object, which allows remote authenticated users to make use of data via unspecified vectors.
The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a (1) sequence or (2) global-variable object, which allows remote authenticated users to make use of data via unspecified vectors.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2009-4438
- http://secunia.com/advisories/37759
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC62543
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC62583
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC64852
- http://www-01.ibm.com/support/docview.wss?uid=swg21293566
- http://www-01.ibm.com/support/docview.wss?uid=swg21412902
- http://www.securityfocus.com/bid/37332
- http://www.vupen.com/english/advisories/2009/3520
EPSS
CVE ID
Связанные уязвимости
The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a (1) sequence or (2) global-variable object, which allows remote authenticated users to make use of data via unspecified vectors.
EPSS