Security Bulletin: IBM Systems Director is affected by DB2 vulnerabilities (CVE-2013-4033, CVE-2013-5466, CVE-2012-2194, CVE-2012-2196, CVE-2012-2197 and CVE-2012-4826)

Summary IBM Systems Director is affected by DB2 vulnerabilities CVE-2013-4033, CVE-2013-5466, CVE-2012-2194, CVE-2012-2196, CVE-2012-2197 and CVE-2012-4826 Vulnerability Details Abstract IBM Systems Director is affected by DB2 vulnerabilities CVE-2013-4033, CVE-2013-5466, CVE-2012-2194,...

CVE-2013-4033

IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority...

Code injection

IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority...

CVE-2013-4033

CVE-2013-4033 affects IBM DB2 and DB2 Connect (versions 9.7 FP8, 9.8 FP5, 10.1 FP2, 10.5 FP1). An authenticated user with EXPLAIN authority can temporarily gain SELECT/INSERT/UPDATE/DELETE on a table without DATAACCESS authority, by exploiting EXPLAIN-related privileges. IBM security notices list...

CVE-2013-4033

IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority...