Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
CVE ID: | CVE-2010-3475 |
Description: | IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in the dynamic SQL cache, which allows remote authenticated users to bypass intended access restrictions by leveraging the cache to execute an UPDATE statement contained in a compiled compound SQL statement. |
Test IDs: | None available |
Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2010-3475 AIX APAR: IC70406 http://www-01.ibm.com/support/docview.wss?uid=swg1IC70406 BugTraq ID: 43291 http://www.securityfocus.com/bid/43291 http://osvdb.org/68122 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14609 http://www.securitytracker.com/id?1024458 http://secunia.com/advisories/41444 http://www.vupen.com/english/advisories/2010/2425 XForce ISS Database: ibm-db2-sql-security-bypass(61873) https://exchange.xforce.ibmcloud.com/vulnerabilities/61873 |