{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2009-04-01T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate, which might allow attackers to obtain sensitive information via a crafted query."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-16T14:57:01.000Z", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "db2-predicate-information-disclosure(49864)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49864"}, {"name": "JR31886", "tags": ["vendor-advisory", "x_refsource_AIXAPAR"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR31886"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21381257"}, {"name": "ADV-2009-0912", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2009/0912"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2009-1239", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate, which might allow attackers to obtain sensitive information via a crafted query."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "db2-predicate-information-disclosure(49864)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49864"}, {"name": "JR31886", "refsource": "AIXAPAR", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR31886"}, {"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21381257", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21381257"}, {"name": "ADV-2009-0912", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2009/0912"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T05:04:49.437Z"}, "title": "CVE Program Container", "references": [{"name": "db2-predicate-information-disclosure(49864)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49864"}, {"name": "JR31886", "tags": ["vendor-advisory", "x_refsource_AIXAPAR", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR31886"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21381257"}, {"name": "ADV-2009-0912", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2009/0912"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2009-1239", "datePublished": "2009-04-03T18:00:00.000Z", "dateReserved": "2009-04-03T00:00:00.000Z", "dateUpdated": "2024-08-07T05:04:49.437Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:db2:*:fp6a:*:*:*:*:*:*", "matchCriteriaId": "90C0F24A-7D81-4A4B-8987-FEF3214AFB7E", "versionEndIncluding": "9.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:9.1:*:*:*:*:*:*:*", "matchCriteriaId": "7B28091A-8772-41DC-9D91-D5359CDDA7A9", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:9.1:*:connect_server:*:*:*:*:*", "matchCriteriaId": "7372EC03-10FD-4A90-801A-B7947436CE34", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:9.1:*:enterprise_server:*:*:*:*:*", "matchCriteriaId": "959E00AE-24A2-4890-A120-0EDEC401A2F2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:9.1:*:express_server:*:*:*:*:*", "matchCriteriaId": "66CF4477-2D86-48D6-BD56-E09A01EA518F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:9.1:*:personal:*:*:*:*:*", "matchCriteriaId": "CE1F8C8D-DC4C-4401-9D83-BBCF9687035D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:9.1:*:workgroup_server:*:*:*:*:*", "matchCriteriaId": "C1C73916-C875-4137-A208-6AE5EEB1A94E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:9.1:fp1:*:*:*:*:*:*", "matchCriteriaId": "2AF419E7-F2B5-4E2A-B85D-C0EC6C1DEA4F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:9.1:fp1:unix:*:*:*:*:*", "matchCriteriaId": "AB624942-B12A-48B4-88F8-22261CBED995", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:9.1:fp1:windows:*:*:*:*:*", "matchCriteriaId": "C631A734-423E-4C76-8E1C-A4BB2974DA66", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:9.1:fp2:*:*:*:*:*:*", "matchCriteriaId": "95BBA3F1-C276-4C30-BFE5-9CE212BEBEFA", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:9.1:fp3:*:*:*:*:*:*", "matchCriteriaId": "4DF01163-F805-4FC8-9836-462034D1B5CF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:9.1:fp3a:*:*:*:*:*:*", "matchCriteriaId": "E570E88C-35F8-4E12-8121-20536AC8A0AB", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:9.1:fp4:*:*:*:*:*:*", "matchCriteriaId": "757E30FB-2EFB-4B3D-9931-17D584D433A2", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:9.1:fp4a:*:*:*:*:*:*", "matchCriteriaId": "B31F9D02-25FD-4ED1-9D1C-B244BC9426B6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:9.1:fp5:*:*:*:*:*:*", "matchCriteriaId": "47455B4A-6E10-417F-9974-B0AA7F3180FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:db2:9.1:fp6:*:*:*:*:*:*", "matchCriteriaId": "84156C5B-EFC6-4733-A868-C3C51CFBA7CD", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "IBM DB2 9.1 before FP7 returns incorrect query results in certain situations related to the order of application of an INNER JOIN predicate and an OUTER JOIN predicate, which might allow attackers to obtain sensitive information via a crafted query."}, {"lang": "es", "value": "IBM DB2 v9.1 anteriores a FP7 devuelve resultados incorrectos en ciertas situaciones relacionadas con la orden de aplicaci\u00f3n de una identificaci\u00f3n INNER JOIN y una identificaci\u00f3n OUTER JOIN, lo que permitir\u00eda a atacantes conseguir informaci\u00f3n sensible a trav\u00e9s de una petici\u00f3n manipulada."}], "id": "CVE-2009-1239", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2009-04-03T18:30:00.640", "references": [{"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR31886"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21381257"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2009/0912"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49864"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg1JR31886"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21381257"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.vupen.com/english/advisories/2009/0912"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/49864"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}