|
|
|
|
|
|
by michaellosee
4218 days ago
|
|
|
It seems that error code may not involve data input format but rather indicates DB2 is out of resources[1]. Honestly this release might be a little early for IBM as well. Any sort of verbose error message is at least a low risk information disclosure finding on a pentest and a verbose database error message is a strong indicator the application is vulnerable to SQL injection. Even if not vulnerable, it's blood in the water and should be fixed before hitting production. [1]http://www-01.ibm.com/support/knowledgecenter/SSATW2_7.3.0/c... |
|
|