CVE-2009-4325 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	6.4 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:N/C:N/I:P/A:P
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 81%

Vendor	Product	Version
ibm	db2	8.2
ibm	db2	8.2:fp1
ibm	db2	8.2:fp10
ibm	db2	8.2:fp11
ibm	db2	8.2:fp12
ibm	db2	8.2:fp13
ibm	db2	8.2:fp14
ibm	db2	8.2:fp15
ibm	db2	8.2:fp16
ibm	db2	8.2:fp17
ibm	db2	8.2:fp2
ibm	db2	8.2:fp3
ibm	db2	8.2:fp4
ibm	db2	8.2:fp5
ibm	db2	8.2:fp6
ibm	db2	8.2:fp7
ibm	db2	8.2:fp8
ibm	db2	8.2:fp9
ibm	db2	9.1
ibm	db2	9.1:fp1
ibm	db2	9.1:fp2
ibm	db2	9.1:fp3
ibm	db2	9.1:fp3a
ibm	db2	9.1:fp4
ibm	db2	9.1:fp4a
ibm	db2	9.1:fp5
ibm	db2	9.1:fp6
ibm	db2	9.1:fp6a
ibm	db2	9.1:fp7
ibm	db2	9.5
ibm	db2	9.5:fp1
ibm	db2	9.5:fp2
ibm	db2	9.5:fp2a
ibm	db2	9.5:fp3
ibm	db2	9.5:fp3a
ibm	db2	9.5:fp3b
ibm	db2	9.7

𝑥

= Vulnerable software versions

Known Exploits!

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v97/APARLIST.TXT

http://secunia.com/advisories/37759

http://www-01.ibm.com/support/docview.wss?uid=swg1IC64702

http://www-01.ibm.com/support/docview.wss?uid=swg1LI72709

http://www-01.ibm.com/support/docview.wss?uid=swg1LI74500

http://www-01.ibm.com/support/docview.wss?uid=swg1LI74504

http://www-01.ibm.com/support/docview.wss?uid=swg21293566

http://www-01.ibm.com/support/docview.wss?uid=swg21412902

http://www.securityfocus.com/bid/37332

http://www.vupen.com/english/advisories/2009/3520

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v82/APARLIST.TXT

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v91/APARLIST.TXT

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v95/APARLIST.TXT

ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/aparlist/db2_v97/APARLIST.TXT

http://secunia.com/advisories/37759

http://www-01.ibm.com/support/docview.wss?uid=swg1IC64702

http://www-01.ibm.com/support/docview.wss?uid=swg1LI72709

http://www-01.ibm.com/support/docview.wss?uid=swg1LI74500

http://www-01.ibm.com/support/docview.wss?uid=swg1LI74504

http://www-01.ibm.com/support/docview.wss?uid=swg21293566

http://www-01.ibm.com/support/docview.wss?uid=swg21412902

http://www.securityfocus.com/bid/37332

http://www.vupen.com/english/advisories/2009/3520