CVE-2009-4438

Metadata

CVE-2009-4438
6.5
ftp, www-01.ibm.com, www-01.ibm.com, www-01.ibm.com, www-01.ibm.com, www-01.ibm.com, securityfocus.com, vupen.com
2009-12-28
2017-06-06 20:22

Description

The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a (1) sequence or (2) global-variable object, which allows remote authenticated users to make use of data via unspecified vectors.

Related Vulnerabilities