Back to search
CVE-2009-4438
Published: Dec 28, 2009
Modified: Sep 17, 2024
PUBLISHED
Description
The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a (1) sequence or (2) global-variable object, which allows remote authenticated users to make use of data via unspecified vectors.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
IC64852
vendor-advisory
x_refsource_AIXAPAR
IC62583
vendor-advisory
x_refsource_AIXAPAR
http://www-01.ibm.com/support/docview.wss?uid=swg21293566
x_refsource_CONFIRM
ADV-2009-3520
vdb-entry
x_refsource_VUPEN
37332
vdb-entry
x_refsource_BID
IC62543
vendor-advisory
x_refsource_AIXAPAR
http://www-01.ibm.com/support/docview.wss?uid=swg21412902
x_refsource_CONFIRM
37759
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now