CVE-2010-3475
N/A
N/A
Summary
IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in the dynamic SQL cache, which allows remote authenticated users to bypass intended access restrictions by leveraging the cache to execute an UPDATE statement contained in a compiled compound SQL statement.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.securityfocus.com/bid/43291
- http://www.vupen.com/english/advisories/2010/2425
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61873
- http://secunia.com/advisories/41444
- http://www.ibm.com/support/docview.wss?uid=swg21446455
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC70406
- http://osvdb.org/68122
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14609
- http://www.securitytracker.com/id?1024458
References
- http://www.securityfocus.com/bid/43291
- http://www.vupen.com/english/advisories/2010/2425
- https://exchange.xforce.ibmcloud.com/vulnerabilities/61873
- http://secunia.com/advisories/41444
- http://www.ibm.com/support/docview.wss?uid=swg21446455
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC70406
- http://osvdb.org/68122
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14609
- http://www.securitytracker.com/id?1024458
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.