7.5
CVE-2006-3860
- EPSS 2.83%
- Veröffentlicht 17.08.2006 01:04:00
- Zuletzt bearbeitet 16.06.2026 22:27:58
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows allows remote authenticated users to execute arbitrary commands via the (1) "SET DEBUG FILE" SQL command, and the (2) start_onpload and (3) dbexp functions.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Informix Dynamic Database Server Version7.3
Ibm ≫ Informix Dynamic Database Server Version7.31_.xd8
Ibm ≫ Informix Dynamic Database Server Version9.4
Ibm ≫ Informix Dynamic Database Server Version9.40.tc5
Ibm ≫ Informix Dynamic Database Server Version9.40.uc1
Ibm ≫ Informix Dynamic Database Server Version9.40.uc2
Ibm ≫ Informix Dynamic Database Server Version9.40.uc3
Ibm ≫ Informix Dynamic Database Server Version9.40.uc5
Ibm ≫ Informix Dynamic Database Server Version9.40.xc7
Ibm ≫ Informix Dynamic Database Server Version10.0
Ibm ≫ Informix Dynamic Database Server Version10.0_xc3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.83% | 0.848 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
http://secunia.com/advisories/21301
http://www-1.ibm.com/support/docview.wss?uid=swg21242921
http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf
http://www.securityfocus.com/archive/1/443133/100/0/threaded
http://www.securityfocus.com/bid/19264
http://www.vupen.com/english/advisories/2006/3077
http://securityreason.com/securityalert/1407
http://www.osvdb.org/27686
http://www.securityfocus.com/archive/1/443185/100/0/threaded
https://exchange.xforce.ibmcloud.com/vulnerabilities/28121
https://exchange.xforce.ibmcloud.com/vulnerabilities/28124