CVE-2006-3862

Sažetak

Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable (envariable).

Reference

http://secunia.com/advisories/21301
http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf
http://www.osvdb.org/27694
http://www.securityfocus.com/archive/1/443133/100/0/threaded
http://www.securityfocus.com/archive/1/443165/100/0/threaded
http://www.securityfocus.com/bid/19264
http://www.vupen.com/english/advisories/2006/3077
http://www-1.ibm.com/support/docview.wss?uid=swg21242921
https://exchange.xforce.ibmcloud.com/vulnerabilities/28158

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

17-10-2018 - 21:32

Objavljeno

08-08-2006 - 22:04