| Max CVSS | 10.0 | Min CVSS | 4.6 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-3473 | 10.0 |
IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege for the SET SESSION AUTHORIZATION statement, which has unspecified impact and remote attack vectors.
|
11-09-2013 - 05:59 | 29-09-2009 - 21:30 | |
| CVE-2009-3471 | 7.5 |
IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP2 does not perform the expected drops of certain table functions upon a loss of privileges by the functions' definers, which has unspecified impact and remote attack vectors.
|
07-10-2010 - 05:42 | 29-09-2009 - 21:30 | |
| CVE-2009-4150 | 4.6 |
dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors.
|
07-12-2009 - 05:00 | 02-12-2009 - 11:30 | |
| CVE-2009-3472 | 6.5 |
IBM DB2 8 before FP18, 9.1 before FP8, and 9.5 before FP4 allows remote authenticated users to bypass intended access restrictions, and update, insert, or delete table rows, via unspecified vectors.
|
14-10-2009 - 05:26 | 29-09-2009 - 21:30 |