What is the severity of CVE-2009-3471?

The severity of CVE-2009-3471 is considered moderate due to its potential for exploitation in certain scenarios.

How do I fix CVE-2009-3471?

To fix CVE-2009-3471, upgrade to an unaffected version of IBM DB2, specifically versions after FP18 for 8, FP8 for 9.1, FP4 for 9.5, and FP2 for 9.7.

Which versions of IBM DB2 are affected by CVE-2009-3471?

CVE-2009-3471 affects IBM DB2 versions 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP2.

What kind of impact can CVE-2009-3471 have?

CVE-2009-3471 can lead to unspecified impacts, especially regarding unauthorized access to table functions upon a loss of privileges.

Are remote attack vectors possible with CVE-2009-3471?

Yes, CVE-2009-3471 has potential remote attack vectors that could exploit the vulnerability if not mitigated.

Vulnerability/
CVE-2009-3471

high

7.5

CWE

29/9/2009

7/8/2024

CVE-2009-3471

First published: Tue Sep 29 2009(Updated: )

IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP2 does not perform the expected drops of certain table functions upon a loss of privileges by the functions' definers, which has unspecified impact and remote attack vectors.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
IBM Db2	=8.0-fp11
IBM Db2	=8.0-fp3
IBM Db2	=8.0-fp10
IBM Db2	=9.1-fp4
IBM Db2	=9.1-fp1
IBM Db2	=8.0-fp9
IBM Db2	=8.0-fp4
IBM Db2	=9.1-fp5
IBM Db2	=9.5-fp1
IBM Db2	=8.0-fp16
IBM Db2	=9.1-fp3
IBM Db2	=8.0-fp6
IBM Db2	=8.0-fp8
IBM Db2	=8.0-fp14
IBM Db2	=9.1-fp6
IBM Db2	=8.0-fp2
IBM Db2	=8.0-fp1
IBM Db2	=8.0-fp5
IBM Db2	=8.0-fp17
IBM Db2	=9.1-fp2
IBM Db2	=8.0-fp13
IBM Db2	=9.5-fp2
IBM Db2	=9.1-fp7
IBM Db2	=8.0-fp12
IBM Db2	=9.5-fp3
IBM Db2	=8.0-fp15
IBM Db2	=8.0-fp7

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2009-3471?
The severity of CVE-2009-3471 is considered moderate due to its potential for exploitation in certain scenarios.
How do I fix CVE-2009-3471?
To fix CVE-2009-3471, upgrade to an unaffected version of IBM DB2, specifically versions after FP18 for 8, FP8 for 9.1, FP4 for 9.5, and FP2 for 9.7.
Which versions of IBM DB2 are affected by CVE-2009-3471?
CVE-2009-3471 affects IBM DB2 versions 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP2.
What kind of impact can CVE-2009-3471 have?
CVE-2009-3471 can lead to unspecified impacts, especially regarding unauthorized access to table functions upon a loss of privileges.
Are remote attack vectors possible with CVE-2009-3471?
Yes, CVE-2009-3471 has potential remote attack vectors that could exploit the vulnerability if not mitigated.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/references
agent/weakness
agent/author
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/ibm
canonical/ibm db2
version/ibm db2/8.0-fp11
version/ibm db2/8.0-fp3
version/ibm db2/8.0-fp10
version/ibm db2/9.1-fp4
version/ibm db2/9.1-fp1
version/ibm db2/8.0-fp9
version/ibm db2/8.0-fp4
version/ibm db2/9.1-fp5
version/ibm db2/9.5-fp1
version/ibm db2/8.0-fp16
version/ibm db2/9.1-fp3
version/ibm db2/8.0-fp6
version/ibm db2/8.0-fp8
version/ibm db2/8.0-fp14
version/ibm db2/9.1-fp6
version/ibm db2/8.0-fp2
version/ibm db2/8.0-fp1
version/ibm db2/8.0-fp5
version/ibm db2/8.0-fp17
version/ibm db2/9.1-fp2
version/ibm db2/8.0-fp13
version/ibm db2/9.5-fp2
version/ibm db2/9.1-fp7
version/ibm db2/8.0-fp12
version/ibm db2/9.5-fp3
version/ibm db2/8.0-fp15
version/ibm db2/8.0-fp7