Lucene search
HistoryApr 03, 2009 - 6:30 p.m.
CVE-2009-1239
ibm
db2
fp7
cve-2009-1239
information security
query results
inner join
outer join
sensitive information
crafted query
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
8.6 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
52.1%
IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate, which might allow attackers to obtain sensitive information via a crafted query.
Affected configurations
Node
ibmdb2Range≤9.1fp6a
ORibmdb2Match9.1
ORibmdb2Match9.1connect_server
ORibmdb2Match9.1enterprise_server
ORibmdb2Match9.1express_server
ORibmdb2Match9.1personal
ORibmdb2Match9.1workgroup_server
ORibmdb2Match9.1fp1
ORibmdb2Match9.1fp1unix
ORibmdb2Match9.1fp1windows
ORibmdb2Match9.1fp2
ORibmdb2Match9.1fp3
ORibmdb2Match9.1fp3a
ORibmdb2Match9.1fp4
ORibmdb2Match9.1fp4a
ORibmdb2Match9.1fp5
ORibmdb2Match9.1fp6
Related
openvas
openvas
IBM Db2 Information Disclosure Vulnerability - Linux
2009-05-11 00:00:00
IBM DB2 Information Disclosure Vulnerability (Linux)
2009-05-11 00:00:00
IBM Db2 Information Disclosure Vulnerability - Windows
2009-05-11 00:00:00
prion
prion
Open redirect
2009-04-03 18:30:00
cvelist
cvelist
CVE-2009-1239
2009-04-03 18:00:00
nvd
nvd
CVE-2009-1239
2009-04-03 18:30:00
nessus
nessus
IBM DB2 9.1 < Fix Pack 7 Multiple Vulnerabilities
2009-04-22 00:00:00
ibm
ibm
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
8.6 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
52.1%
Related for CVE-2009-1239