DescriptionApache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at compilation time, and consequently does not enforce privilege requirements at execution time, which allows remote authenticated users to lock arbitrary tables.
Overall state of this security issue: Ignore
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Linux Enterprise Software Development Kit 11 SP4|| ||Patchnames:
SUSE Linux Enterprise Software Development Kit 11 SP4 GA derby
|openSUSE Tumbleweed|| ||Patchnames:
openSUSE Tumbleweed GA derby