CVE-2009-4333
N/A
N/A
Summary
The Relational Data Services component in IBM DB2 9.5 before FP5 allows attackers to obtain the password argument from the SET ENCRYPTION PASSWORD statement via vectors involving the GET SNAPSHOT FOR DYNAMIC SQL command.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
- http://www-01.ibm.com/support/docview.wss?uid=swg21293566
- http://www.vupen.com/english/advisories/2009/3520
- http://www.securityfocus.com/bid/37332
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ38819
- http://www-01.ibm.com/support/docview.wss?uid=swg21412902
- http://secunia.com/advisories/37759
References
- ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT
- http://www-01.ibm.com/support/docview.wss?uid=swg21293566
- http://www.vupen.com/english/advisories/2009/3520
- http://www.securityfocus.com/bid/37332
- http://www-01.ibm.com/support/docview.wss?uid=swg1IZ38819
- http://www-01.ibm.com/support/docview.wss?uid=swg21412902
- http://secunia.com/advisories/37759
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.