CVE-2010-3474 in DB2informazioni

Riassunto

di MITRE

IBM DB2 9.7 before FP3 does not perform the expected drops or invalidations of dependent functions upon a loss of privileges by the functions owners, which allows remote authenticated users to bypass intended access restrictions via calls to these functions, a different vulnerability than CVE-2009-3471.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

20/09/2010

Divulgazione

20/09/2010

Moderazione

accettato

Voce

VDB-54788

CPE

pronto

CWE

CWE-264 (confermato)

CVSS

5.0 (NVD)

EPSS

0.02591

KEV

Attività

molto basso

Settore

Lawfirm, Education, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2010-3474
NVD	https://nvd.nist.gov/vuln/detail/CVE-2010-3474
CVE Details	https://www.cvedetails.com/cve/CVE-2010-3474/

◂ Precedente Visione D'ensemble Il prossimo ▸

Interested in the pricing of exploits?

See the underground prices here!