CVE-2013-4033
First published: Wed Aug 28 2013(Updated: )
IBM DB2 and DB2 Connect 9.7 through FP8, 9.8 through FP5, 10.1 through FP2, and 10.5 through FP1 allow remote authenticated users to execute DML statements by leveraging EXPLAIN authority.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ibm Db2 | =9.7 | |
| Ibm Db2 | =9.8 | |
| Ibm Db2 | =10.1 | |
| Ibm Db2 | =10.5 | |
| Ibm Db2 Connect | =9.5 | |
| Ibm Db2 Connect | =9.7 | |
| Ibm Db2 Connect | =9.8 | |
| Ibm Db2 Connect | =10.1 | |
| Ibm Db2 Connect | =10.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC94523
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC94756
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC94757
- http://www-01.ibm.com/support/docview.wss?uid=swg1IC94758
- http://www-01.ibm.com/support/docview.wss?uid=swg21646809
- https://exchange.xforce.ibmcloud.com/vulnerabilities/86093
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/description
- agent/tags
- agent/type
- agent/event
- agent/softwarecombine
- agent/last-modified-date
- agent/first-publish-date
- vendor/ibm
- canonical/ibm db2
- version/ibm db2/9.7
- version/ibm db2/9.8
- version/ibm db2/10.1
- version/ibm db2/10.5
- canonical/ibm db2 connect
- version/ibm db2 connect/9.5
- version/ibm db2 connect/9.7
- version/ibm db2 connect/9.8
- version/ibm db2 connect/10.1
- version/ibm db2 connect/10.5