Summary
This host is installed with IBM DB2 and is prone to Information Disclosure Vulnerability.
Impact
Successful exploitation will let the attacker gain sensitive information of the affected remote system.
Impact Level: Application
Solution
Apply the security update.
http://www-01.ibm.com/support/docview.wss?rs=0&uid=swg24022678
*****
NOTE: Please, ignore the warning if Patch is already applied.
*****
Insight
This flaw is due to the 'INNER JOIN' and 'OUTER JOIN' predicate which allows remote attackers to execute arbitrary queries.
Affected
IBM DB2 Enterprise Server 9.1 before 9.1 FP7.
IBM DB2 Workgroup Server 9.1 before 9.1 FP7.
IBM DB2 Express Server 9.1 before 9.1 FP7.
IBM DB2 Personal Server 9.1 before 9.1 FP7.
IBM DB2 Connect Server 9.1 before 9.1 FP7.
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2009-1239 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Tomcat Directory Listing and File disclosure
- Abtp Portal Project 'ABTPV_BLOQUE_CENT' Parameter Local and Remote File Include Vulnerabilities
- An Image Gallery Directory Traversal Vulnerability
- Advanced Image Hosting Cross Site Scripting Vulnerability
- Ampache Reflected Cross Site Scripting Vulnerability