Vulnerability Description
IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | 2.6.18.0 |
| Microsoft | Windows Xp | All versions |
| Ibm | Db2 Universal Database | <= 9.1 |
References
- http://secunia.com/advisories/24283Patch
- http://www-1.ibm.com/support/docview.wss?uid=swg1JR25941Patch
- http://www.attrition.org/pipermail/vim/2007-August/001765.html
- http://www.vupen.com/english/advisories/2007/0721
- http://secunia.com/advisories/24283Patch
- http://www-1.ibm.com/support/docview.wss?uid=swg1JR25941Patch
- http://www.attrition.org/pipermail/vim/2007-August/001765.html
- http://www.vupen.com/english/advisories/2007/0721
FAQ
What is CVE-2007-1089?
CVE-2007-1089 is a vulnerability with a CVSS score of 7.2 (HIGH). IBM DB2 Universal Database (UDB) 9.1 GA through 9.1 FP1 allows local users with table SELECT privileges to perform unauthorized UPDATE and DELETE SQL commands via unknown vectors.
How severe is CVE-2007-1089?
CVE-2007-1089 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-1089?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Microsoft Windows Xp, Ibm Db2 Universal Database.