CVE-2012-0709
Published Mar 20, 2012
Last updated 7 years ago
Overview
- Description
- IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 does not properly check variables, which allows remote authenticated users to bypass intended restrictions on viewing table data by leveraging the CREATEIN privilege to execute crafted SQL CREATE VARIABLE statements.
- Source
- psirt@us.ibm.com
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-20
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "11ABF7CC-2FA5-4F2D-901A-2D0EF5B8E717"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "58147402-53D5-4F15-862B-EE3DCCD75E2C"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D3F3CB5E-D4FB-4C03-B108-06CC358B1F45"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CB2EA14A-878A-4D8D-B17A-568712D21C48"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "84C925CD-E753-401F-9EC0-6E3D9861C818"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "651D042C-A9F1-42D1-A6DD-95ADBCD08448"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A589323-B8B8-4CB4-B1A9-B9E771C99123"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "61252AF9-A231-442A-A473-BA0608323BF2"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp4a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "EB37A1AA-58F0-4A39-8E38-C70692CE67BF"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D9D5B5B-8E23-4987-9BBE-8FE1F27CB1B5"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp6:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E3E12C63-19FF-4BB9-9389-BF5E6B493F42"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp6a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "10456C00-127D-46FE-82A4-D567AB19F87A"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp7:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E476599E-7087-4442-AED5-61DC1CA1F374"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.5:fp8:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "93F5745A-219B-48F6-95E9-85B4E516FA94"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CE1C4DE6-EB32-4A31-9FAA-D8DA31D8CF05"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7:fp1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "00A16349-5CF1-4E75-A6EE-218E85049F62"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7:fp2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5335C017-52D9-45D4-BCEB-CBB51B7C88AE"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7:fp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "786B3F51-46A3-4A4C-A549-B80BA27EE3B9"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7:fp3a:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AB349DC8-2EC6-4A11-9BCD-9C49D36BA49D"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7:fp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC8D88E5-7942-4F21-B0BA-7D23F4537117"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.7:fp5:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D7A42A22-D615-4D60-8FC4-61CDF727FD54"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D72D43DB-9A92-4E12-853B-F5FC9421D5EA"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.8:fp3:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "601CABF7-997C-4828-9292-99FFBF603F3A"
},
{
"criteria": "cpe:2.3:a:ibm:db2:9.8:fp4:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B5133944-390D-4CEF-86EB-587A5D27F940"
}
],
"operator": "OR"
}
]
}
]