Max CVSS | 10.0 | Min CVSS | 2.6 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-1905 | 2.6 |
The Common Code Infrastructure component in IBM DB2 8 before FP17, 9.1 before FP7, and 9.5 before FP4, when LDAP security (aka IBMLDAPauthserver) and anonymous bind are enabled, allows remote attackers to bypass password authentication and establish
|
17-08-2017 - 01:30 | 03-06-2009 - 21:00 | |
CVE-2009-3473 | 10.0 |
IBM DB2 9.1 before FP8 does not require the SETSESSIONUSER privilege for the SET SESSION AUTHORIZATION statement, which has unspecified impact and remote attack vectors.
|
11-09-2013 - 05:59 | 29-09-2009 - 21:30 | |
CVE-2009-3471 | 7.5 |
IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP2 does not perform the expected drops of certain table functions upon a loss of privileges by the functions' definers, which has unspecified impact and remote attack vectors.
|
07-10-2010 - 05:42 | 29-09-2009 - 21:30 | |
CVE-2009-3472 | 6.5 |
IBM DB2 8 before FP18, 9.1 before FP8, and 9.5 before FP4 allows remote authenticated users to bypass intended access restrictions, and update, insert, or delete table rows, via unspecified vectors.
|
14-10-2009 - 05:26 | 29-09-2009 - 21:30 |