CVE-2011-1846
N/A
N/A
Summary
IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux, UNIX, and Windows does not properly revoke role membership from groups, which allows remote authenticated users to execute non-DDL statements by leveraging previous inherited possession of a role, a different vulnerability than CVE-2011-0757. NOTE: some of these details are obtained from third party information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71375
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66980
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC71263
- http://www.vupen.com/english/advisories/2011/1083
- http://www.securityfocus.com/bid/47525
- http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71263
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC71375
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14688
- http://secunia.com/advisories/44229
References
- http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71375
- https://exchange.xforce.ibmcloud.com/vulnerabilities/66980
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC71263
- http://www.vupen.com/english/advisories/2011/1083
- http://www.securityfocus.com/bid/47525
- http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71263
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC71375
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14688
- http://secunia.com/advisories/44229
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.