CVE-2013-6744 Information

Description

The Stored Procedure infrastructure in IBM DB2 9.5 9.7 before FP9a 10.1 before FP3a and 10.5 before FP3a on Windows allows remote authenticated users to gain privileges by leveraging the CONNECT privilege and the CREATE_EXTERNAL_ROUTINE authority.

Reference

http://www.ibm.com/support/docview.wss?uid=swg1IC99480 http://www.ibm.com/support/docview.wss?uid=swg216105824 http://www.ibm.com/support/docview.wss?uid=swg21673947 http://www-01.ibm.com/support/docview.wss?uid=swg1IC98849 http://www-01.ibm.com/support/docview.wss?uid=swg1IC99478 http://www-01.ibm.com/support/docview.wss?uid=swg1IC99480 http://www-01.ibm.com/support/docview.wss?uid=swg1IC99481 https://exchange.xforce.ibmcloud.com/vulnerabilities/89860