nvd-json-data-feeds/CVE-2009/CVE-2009-12xx/CVE-2009-1239.json

{
  "id": "CVE-2009-1239",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2009-04-03T18:30:00.640",
  "lastModified": "2017-08-17T01:30:14.803",
  "vulnStatus": "Modified",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate, which might allow attackers to obtain sensitive information via a crafted query."
    },
    {
      "lang": "es",
      "value": "IBM DB2 v9.1 anteriores a FP7 devuelve resultados incorrectos en ciertas situaciones relacionadas con la orden de aplicaci\u00f3n de una identificaci\u00f3n INNER JOIN y una identificaci\u00f3n OUTER JOIN, lo que permitir\u00eda a atacantes conseguir informaci\u00f3n sensible a trav\u00e9s de una petici\u00f3n manipulada."
    }
  ],
  "metrics": {
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:*:fp6a:*:*:*:*:*:*",
              "versionEndIncluding": "9.1",
              "matchCriteriaId": "90C0F24A-7D81-4A4B-8987-FEF3214AFB7E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B28091A-8772-41DC-9D91-D5359CDDA7A9"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:9.1:*:connect_server:*:*:*:*:*",
              "matchCriteriaId": "7372EC03-10FD-4A90-801A-B7947436CE34"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:9.1:*:enterprise_server:*:*:*:*:*",
              "matchCriteriaId": "959E00AE-24A2-4890-A120-0EDEC401A2F2"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:9.1:*:express_server:*:*:*:*:*",
              "matchCriteriaId": "66CF4477-2D86-48D6-BD56-E09A01EA518F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:9.1:*:personal:*:*:*:*:*",
              "matchCriteriaId": "CE1F8C8D-DC4C-4401-9D83-BBCF9687035D"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:9.1:*:workgroup_server:*:*:*:*:*",
              "matchCriteriaId": "C1C73916-C875-4137-A208-6AE5EEB1A94E"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*",
              "matchCriteriaId": "2AF419E7-F2B5-4E2A-B85D-C0EC6C1DEA4F"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp1:unix:*:*:*:*:*",
              "matchCriteriaId": "AB624942-B12A-48B4-88F8-22261CBED995"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp1:windows:*:*:*:*:*",
              "matchCriteriaId": "C631A734-423E-4C76-8E1C-A4BB2974DA66"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:*",
              "matchCriteriaId": "95BBA3F1-C276-4C30-BFE5-9CE212BEBEFA"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:*",
              "matchCriteriaId": "4DF01163-F805-4FC8-9836-462034D1B5CF"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp3a:*:*:*:*:*:*",
              "matchCriteriaId": "E570E88C-35F8-4E12-8121-20536AC8A0AB"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:*",
              "matchCriteriaId": "757E30FB-2EFB-4B3D-9931-17D584D433A2"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp4a:*:*:*:*:*:*",
              "matchCriteriaId": "B31F9D02-25FD-4ED1-9D1C-B244BC9426B6"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp5:*:*:*:*:*:*",
              "matchCriteriaId": "47455B4A-6E10-417F-9974-B0AA7F3180FE"
            },
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:a:ibm:db2:9.1:fp6:*:*:*:*:*:*",
              "matchCriteriaId": "84156C5B-EFC6-4733-A868-C3C51CFBA7CD"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR31886",
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ]
    },
    {
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21381257",
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ]
    },
    {
      "url": "http://www.vupen.com/english/advisories/2009/0912",
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ]
    },
    {
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49864",
      "source": "cve@mitre.org"
    }
  ]
}