VYPR
Unrated severityNVD Advisory· Published Dec 16, 2009· Updated Jun 16, 2026

CVE-2009-4331

CVE-2009-4331

Description

The Install component in IBM DB2 9.5 before FP5 and 9.7 before FP1 configures the High Availability (HA) scripts with incorrect file-permission and authorization settings, which has unknown impact and local attack vectors.

Affected products

9
  • IBM/Db29 versions
    cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*+ 8 more
    • cpe:2.3:a:ibm:db2:9.5:*:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp1:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp2:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp2a:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp3:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp3a:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.5:fp3b:*:*:*:*:*:*
    • cpe:2.3:a:ibm:db2:9.7:*:*:*:*:*:*:*
    • (no CPE)range: 9.5 < FP5, 9.7 < FP1

Patches

Vulnerability mechanics

References

10

News mentions

0

No linked articles in our index yet.