6.9

CVE-2008-0369

EPSS 0.05%
Published 19.01.2008 00:00:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple unspecified programs in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allow local users to create arbitrary files by specifying the target file in the SQLIDEBUG environment variable, whose ownership is changed to the user invoking the programs.

Affected products Warnungen 0 Metrics 2 CWE 0 References 12

Data is provided by the National Vulnerability Database (NVD)

Ibm ≫ Informix Dynamic Server Version10.00

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.05%	0.131

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

http://secunia.com/advisories/28534

Vendor Advisory

http://www-1.ibm.com/support/docview.wss?uid=swg27011556

http://www.securityfocus.com/bid/27328

http://www.securitytracker.com/id?1019237

http://www.vupen.com/english/advisories/2008/0169

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/39751

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=650

http://www-1.ibm.com/support/docview.wss?uid=swg1IC54309

https://exchange.xforce.ibmcloud.com/vulnerabilities/40009

https://nvd.nist.gov/vuln/detail/CVE-2008-0369

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-0369

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-0369

EUVD