CVE-2009-1239

Sažetak

IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate, which might allow attackers to obtain sensitive information via a crafted query.

Reference

http://www.vupen.com/english/advisories/2009/0912
http://www-01.ibm.com/support/docview.wss?uid=swg1JR31886
http://www-01.ibm.com/support/docview.wss?uid=swg21381257
https://exchange.xforce.ibmcloud.com/vulnerabilities/49864

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Zadnje važnije ažuriranje

17-08-2017 - 01:30

Objavljeno

03-04-2009 - 18:30