Ibm

Informix Dynamic Server

49 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.5

CVE-2008-0727

  • EPSS 32.76%
  • Veröffentlicht 18.03.2008 00:44:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple buffer overflows in oninit.exe in IBM Informix Dynamic Server (IDS) 7.x through 11.x allow (1) remote attackers to execute arbitrary code via a long password and (2) remote authenticated users to execute arbitrary code via a long DBPATH valu...

10

CVE-2008-0768

  • EPSS 4.1%
  • Veröffentlicht 13.02.2008 22:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in Informix Dynamic Server (IDS) 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary ...

6.9

CVE-2008-0369

  • EPSS 0.05%
  • Veröffentlicht 19.01.2008 00:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Multiple unspecified programs in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allow local users to create arbitrary files by specifying the target file in the SQLIDEBUG environment variable, whose ownership is changed to the user invoking ...

7.2

CVE-2008-0368

  • EPSS 0.06%
  • Veröffentlicht 19.01.2008 00:00:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

onedcu in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument.

4.9

CVE-2007-5957

  • EPSS 0.06%
  • Veröffentlicht 14.11.2007 11:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.00.TC3TL and 11.10.TB4TL on Windows allows attackers to cause a denial of service (application crash) via unspecified SQ_ONASSIST requests.

7.2

CVE-2007-5956

  • EPSS 0.02%
  • Veröffentlicht 14.11.2007 11:46:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) before 10.00.xC7W1 allows local users to gain privileges by referencing modified NLS message files through directory traversal sequences in the DBLANG environment variable.

4.6

CVE-2006-5664

  • EPSS 0.07%
  • Veröffentlicht 03.11.2006 01:07:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files.

4.6

CVE-2006-5663

  • EPSS 0.05%
  • Veröffentlicht 03.11.2006 01:07:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts.

3.6

CVE-2006-5163

Exploit
  • EPSS 0.08%
  • Veröffentlicht 05.10.2006 04:04:00
  • Zuletzt bearbeitet 09.04.2025 00:30:58

IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and possibly other versions creates /tmp/installserver.txt with insecure permissions, which allows local users to append data to arbitrary files via a symlink attack.

7.5

CVE-2006-3862

  • EPSS 1.41%
  • Veröffentlicht 08.08.2006 22:04:00
  • Zuletzt bearbeitet 03.04.2025 01:03:51

Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable (envariable).