Lucene search

MitreCVE-2009-4335

HistoryDec 16, 2009 - 6:30 p.m.

CVE-2009-4335

2009-12-1618:30:00

mitre

web.nvd.nist.gov

ibm db2

spatial extender

vulnerabilities

stored procedures

remote attack vectors

cve-2009-4335

nvd

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0.006

Percentile

78.5%

JSON

Multiple unspecified vulnerabilities in bundled stored procedures in the Spatial Extender component in IBM DB2 9.5 before FP5 have unknown impact and remote attack vectors, related to “remote exploits.”

Affected configurations

Nvd

Node

ibmdb2Match9.5

ibmdb2Match9.5fp1

ibmdb2Match9.5fp2

ibmdb2Match9.5fp2a

ibmdb2Match9.5fp3

ibmdb2Match9.5fp3a

ibmdb2Match9.5fp3b

ibmdb2Match9.5fp4

ibmdb2Match9.5fp4a

VendorProductVersionCPE
ibmdb29.5cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
ibmdb29.5cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:*
ibmdb29.5cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:*
ibmdb29.5cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:*
ibmdb29.5cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:*
ibmdb29.5cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:*
ibmdb29.5cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:*
ibmdb29.5cpe:2.3:a:ibm:db2:9.5:fp4:*:*:*:*:*:*
ibmdb29.5cpe:2.3:a:ibm:db2:9.5:fp4a:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	db2	9.5	cpe:2.3:a:ibm:db2:9.5:::::::*
ibm	db2	9.5	cpe:2.3:a:ibm:db2:9.5:fp1::::::
ibm	db2	9.5	cpe:2.3:a:ibm:db2:9.5:fp2::::::
ibm	db2	9.5	cpe:2.3:a:ibm:db2:9.5:fp2a::::::
ibm	db2	9.5	cpe:2.3:a:ibm:db2:9.5:fp3::::::
ibm	db2	9.5	cpe:2.3:a:ibm:db2:9.5:fp3a::::::
ibm	db2	9.5	cpe:2.3:a:ibm:db2:9.5:fp3b::::::
ibm	db2	9.5	cpe:2.3:a:ibm:db2:9.5:fp4::::::
ibm	db2	9.5	cpe:2.3:a:ibm:db2:9.5:fp4a::::::

References

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT

secunia.com/advisories/37759

www-01.ibm.com/support/docview.wss?uid=swg1IC62625

www-01.ibm.com/support/docview.wss?uid=swg21293566

www-01.ibm.com/support/docview.wss?uid=swg21412902

www.securityfocus.com/bid/37332

www.vupen.com/english/advisories/2009/3520

exchange.xforce.ibmcloud.com/vulnerabilities/55007

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

6.3

Confidence

Low

EPSS

0.006

Percentile

78.5%

JSON

Related for CVE-2009-4335