CVE-2009-1239 Information

Description

IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate which might allow attackers to obtain sensitive information via a crafted query.

Reference

http://www.vupen.com/english/advisories/2009/0912 http://www-01.ibm.com/support/docview.wss?uid=swg1JR31886 http://www-01.ibm.com/support/docview.wss?uid=swg21381257 https://exchange.xforce.ibmcloud.com/vulnerabilities/49864