CVSS: 9.0EPSS: 93%CPEs: 2EXPL: 0CVE-2010-4053
https://notcve.org/view.php?id=CVE-2010-4053
Stack-based buffer overflow in an unspecified logging function in oninit.exe in IBM Informix Dynamic Server (IDS) 11.10 before 11.10.xC2W2 and 11.50 before 11.50.xC1 allows remote authenticated users to execute arbitrary code via a crafted EXPLAIN directive, aka idsdb00154125 and idsdb00154243. Desbordamiento de búfer en una función no especificada en oninit.exe en IBM Informix Dynamic Server (IDS) v11.10 anteriores a v11.10.xC2W2 y v11.50 anteriores a v11.50.xC1 permite a usuarios remotos autenticadaos a ejecutar código arbitrario a través de una directiva EXLAIN manipulada, también conocido como idsb00154125 e idsdb00154243. • http://secunia.com/advisories/41913 http://www.osvdb.org/68705 http://www.vupen.com/english/advisories/2010/2734 http://www.zerodayinitiative.com/advisories/ZDI-10-216 https://exchange.xforce.ibmcloud.com/vulnerabilities/62619 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 1%CPEs: 19EXPL: 0CVE-2009-3470
https://notcve.org/view.php?id=CVE-2009-3470
IBM Informix Dynamic Server (IDS) 10.00 before 10.00.xC11, 11.10 before 11.10.xC4, and 11.50 before 11.50.xC5 allows remote attackers to cause a denial of service (memory corruption, assertion failure, and daemon crash) by sending a long password over a JDBC connection. IBM Informix Dynamic Server (IDS) v10.00 anterior a v10.00.xC11, v11.10 anterior a v11.10.xC4, y v11.50 anterior a v11.50.xC5 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de demonio) enviando una contraseña larga sobre una conexión JDBC. • http://secunia.com/advisories/36853 http://www-01.ibm.com/support/docview.wss?uid=swg1IC61195 http://www.securityfocus.com/bid/36538 http://www.securitytracker.com/id?1022955 http://www.vupen.com/english/advisories/2009/2786 • CWE-399: Resource Management Errors •