3.6

CVE-2004-2319

Exploit
IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to (1) create or overwrite files via the /001 log file to onedcu or (2) read arbitrary files via a symlink attack on a file in /tmp to onshowaudit.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
IbmInformix Dynamic Server Version9.40.uc1
IbmInformix Dynamic Server Version9.40.uc2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.48% 0.375
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 3.6 3.9 4.9
AV:L/AC:L/Au:N/C:P/I:P/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/10737/
Patch
Vendor Advisory
http://www-1.ibm.com/support/docview.wss?uid=swg21153336
http://www.securityfocus.com/bid/9512
Patch
Exploit
http://www.osvdb.org/3758
http://www.osvdb.org/3760
http://www.securityfocus.com/archive/1/351770
Vendor Advisory
Exploit
http://www.securityfocus.com/bid/9511
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/14969
https://exchange.xforce.ibmcloud.com/vulnerabilities/14971