Описание
IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate, which might allow attackers to obtain sensitive information via a crafted query.
Ссылки
- Patch
- PatchVendor Advisory
- Vendor Advisory
- Patch
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 9.1 (включая)
Одно из
cpe:2.3:a:ibm:db2:*:fp6a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:*:connect_server:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:*:enterprise_server:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:*:express_server:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:*:personal:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:*:workgroup_server:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp1:unix:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp1:windows:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp3a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp4a:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp5:*:*:*:*:*:*
cpe:2.3:a:ibm:db2:9.1:fp6:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00301
Низкий
5 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
github
почти 4 года назад
IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate, which might allow attackers to obtain sensitive information via a crafted query.
EPSS
Процентиль: 53%
0.00301
Низкий
5 Medium
CVSS2
Дефекты
CWE-200