CVE-2007-5956

Sažetak

Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) before 10.00.xC7W1 allows local users to gain privileges by referencing modified NLS message files through directory traversal sequences in the DBLANG environment variable.

Reference

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=624
http://secunia.com/advisories/27542
http://www.securityfocus.com/bid/26363
http://www.vupen.com/english/advisories/2007/3757
http://www-1.ibm.com/support/docview.wss?uid=swg1IC54252
http://www-1.ibm.com/support/docview.wss?uid=swg27011082
https://exchange.xforce.ibmcloud.com/vulnerabilities/38297

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

29-07-2017 - 01:33

Objavljeno

14-11-2007 - 11:46