8.2
CVE-2018-1636
- EPSS 0.07%
- Published 20.08.2019 19:15:10
- Last modified 21.11.2024 04:00:07
- Source psirt@us.ibm.com
- Teams watchlist Login
- Open Login
Stack-based buffer overflow in oninit in IBM Informix Dynamic Server Enterprise Edition 12.1 allows an authenticated user to execute predefined code with root privileges, such as escalating to a root shell. IBM X-Force ID: 144441.
Data is provided by the National Vulnerability Database (NVD)
Ibm ≫ Informix Dynamic Server Version12.10 Updatefc1 SwEditionenterprise
Ibm ≫ Informix Dynamic Server Version12.10 Updatefc10 SwEditionenterprise
Ibm ≫ Informix Dynamic Server Version12.10 Updatefc11 SwEditionenterprise
Ibm ≫ Informix Dynamic Server Version12.10 Updatefc12 SwEditionenterprise
Ibm ≫ Informix Dynamic Server Version12.10 Updatefc2 SwEditionenterprise
Ibm ≫ Informix Dynamic Server Version12.10 Updatefc3 SwEditionenterprise
Ibm ≫ Informix Dynamic Server Version12.10 Updatefc4 SwEditionenterprise
Ibm ≫ Informix Dynamic Server Version12.10 Updatefc5 SwEditionenterprise
Ibm ≫ Informix Dynamic Server Version12.10 Updatefc6 SwEditionenterprise
Ibm ≫ Informix Dynamic Server Version12.10 Updatefc7 SwEditionenterprise
Ibm ≫ Informix Dynamic Server Version12.10 Updatefc8 SwEditionenterprise
Ibm ≫ Informix Dynamic Server Version12.10 Updatefc9 SwEditionenterprise
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.07% | 0.193 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 6.7 | 0.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
| psirt@us.ibm.com | 8.2 | 1.5 | 6 |
CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.