CVE-2010-3474
published 2010-09-20CVE-2010-3474: IBM DB2 9.7 before FP3 does not perform the expected drops or invalidations of dependent functions upon a loss of privileges by the functions' owners, which…
medium5CVSS 3.1
AVNACLAuNCNIPAN
IBM DB2 9.7 before FP3 does not perform the expected drops or invalidations of dependent functions upon a loss of privileges by the functions' owners, which allows remote authenticated users to bypass intended access restrictions via calls to these functions, a different vulnerability than CVE-2009-3471.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ibm | db2 | — | — |
| ibm | db2 | — | — |
| ibm | db2 | — | — |