CVE-2011-1847 Information
Description
IBM DB2 9.5 before FP7 and 9.7 before FP4 on Linux UNIX and Windows does not properly enforce privilege requirements for table access which allows remote authenticated users to modify SYSSTAT.TABLES statistics columns via an UPDATE statement. NOTE: some of these details are obtained from third party information.
Reference
http://secunia.com/advisories/44229 http://www.securityfocus.com/bid/47525 http://www.vupen.com/english/advisories/2011/1083 http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC71413 http://www-01.ibm.com/support/docview.wss?crawler=1&uid=swg1IC72119 http://www-01.ibm.com/support/docview.wss?uid=swg1IC71413 http://www-01.ibm.com/support/docview.wss?uid=swg1IC72119 https://exchange.xforce.ibmcloud.com/vulnerabilities/66979 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A14122
Share on: