CVE-2009-4150 — MEDIUM (4.6)

Vulnerability Description

dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors.

CVSS Score

4.6

MEDIUM

AV:L/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Ibm	Db2	9.1
Ibm	Db2 Universal Database	8

Related Weaknesses (CWE)

CWE-264

References

http://secunia.com/advisories/36890Vendor Advisory
http://secunia.com/advisories/37454Vendor Advisory
http://securitytracker.com/id?1023242
http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40343
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40352
http://www-01.ibm.com/support/docview.wss?uid=swg21386689PatchVendor Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21403619PatchVendor Advisory
http://www.vupen.com/english/advisories/2009/3340Vendor Advisory
http://secunia.com/advisories/36890Vendor Advisory
http://secunia.com/advisories/37454Vendor Advisory
http://securitytracker.com/id?1023242
http://www-01.ibm.com/support/docview.wss?uid=swg1IC64759
http://www-01.ibm.com/support/docview.wss?uid=swg1IZ40340

FAQ

What is CVE-2009-4150?

CVE-2009-4150 is a vulnerability with a CVSS score of 4.6 (MEDIUM). dasauto in IBM DB2 8 before FP18, 9.1 before FP8, 9.5 before FP4, and 9.7 before FP1 permits execution by unprivileged user accounts, which has unspecified impact and local attack vectors.

How severe is CVE-2009-4150?

CVE-2009-4150 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2009-4150?

Check the references section above for vendor advisories and patch information. Affected products include: Ibm Db2, Ibm Db2 Universal Database.