6.5
CVE-2006-3857
- EPSS 3.82%
- Veröffentlicht 08.08.2006 22:04:00
- Zuletzt bearbeitet 16.06.2026 22:27:58
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple buffer overflows in IBM Informix Dynamic Server (IDS) before 9.40.TC6 and 10.00 before 10.00.TC3 allow remote authenticated users to execute arbitrary code via (1) the getname function, as used by (a) _sq_remview, (b) _sq_remproc, (c) _sq_remperms, (d) _sq_distfetch, and (e) _sq_dcatalog; and the (2) SET DEBUG FILE, (3) IFX_FILE_TO_FILE, (4) FILETOCLOB, (5) LOTOFILE, and (6) DBINFO functions (product defect IDs 171649, 171367, 171387, 171391, 171906, 172179).
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Informix Dynamic Database Server Version9.3
Ibm ≫ Informix Dynamic Database Server Version9.40.tc1
Ibm ≫ Informix Dynamic Database Server Version9.40.tc2
Ibm ≫ Informix Dynamic Database Server Version9.40.tc3
Ibm ≫ Informix Dynamic Database Server Version9.40.tc4
Ibm ≫ Informix Dynamic Database Server Version9.40.tc5
Ibm ≫ Informix Dynamic Database Server Version9.40.uc1
Ibm ≫ Informix Dynamic Database Server Version9.40.uc2
Ibm ≫ Informix Dynamic Database Server Version9.40.uc3
Ibm ≫ Informix Dynamic Database Server Version10.00.tc1
Ibm ≫ Informix Dynamic Database Server Version10.00.tc2
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.82% | 0.888 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|
http://secunia.com/advisories/21301
http://www-1.ibm.com/support/docview.wss?uid=swg21242921
http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf
http://www.securityfocus.com/archive/1/443133/100/0/threaded
http://www.securityfocus.com/bid/19264
http://www.vupen.com/english/advisories/2006/3077
http://www.securityfocus.com/archive/1/443210/100/0/threaded
http://www.osvdb.org/27681
http://www.osvdb.org/27682
http://www.osvdb.org/27683
http://www.osvdb.org/27687
http://www.osvdb.org/27688
http://www.osvdb.org/27693
https://exchange.xforce.ibmcloud.com/vulnerabilities/28118
https://exchange.xforce.ibmcloud.com/vulnerabilities/28119
https://exchange.xforce.ibmcloud.com/vulnerabilities/28120
https://exchange.xforce.ibmcloud.com/vulnerabilities/28126
https://exchange.xforce.ibmcloud.com/vulnerabilities/28127
https://exchange.xforce.ibmcloud.com/vulnerabilities/28157