NVD

Id
42793  
Name
CVE-2012-0709  
Description
IBM DB2 9.5 before FP9, 9.7 through FP5, and 9.8 through FP4 does not properly check variables, which allows remote authenticated users to bypass intended restrictions on viewing table data by leveraging the CREATEIN privilege to execute crafted SQL CREATE VARIABLE statements.  
Reject
 
CVSS Version
2  
CVSS Score
4  
Severity
Medium  
CVSS Base Score
4  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:N/A:N)  
Pub Date
2017-01-19  
Published
2012-03-20  
Modified Date
2012-08-13  
Seq
2012-0709  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
215409 42793 CVE-2012-0709 oval:org.mitre.oval:def:15004  View
215410 42793 CVE-2012-0709 IC81387  View
215411 42793 CVE-2012-0709 IC81390  View
215412 42793 CVE-2012-0709 IC81836  View
215413 42793 CVE-2012-0709 http://www-01.ibm.com/support/docview.wss?uid=swg21588100  View
215414 42793 CVE-2012-0709 db2-createvariable-security-bypass(73493)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
26151 JVNDB-2012-001858 IBM DB2 におけるテーブルデータのビューの制限を回避される脆弱性 IBM DB2 は、変数を適切にチェックしないため、テーブルデータのビューの制限を回避される脆弱性が存在します。 CVE-2012-0709 53947 CVE-2012-0709 42793 4 http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001858.html 2012-02-13 2012-03-23 View