Page 3 of 25 results (0.010 seconds)

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) before 10.00.xC7W1 allows local users to gain privileges by referencing modified NLS message files through directory traversal sequences in the DBLANG environment variable. Una vulnerabilidad de salto de directorio en IBM Informix Dynamic Server (IDS) versiones anteriores a 10.00.xC7W1, permite a usuarios locales alcanzar privilegios haciendo referencia a archivos de mensajes NLS modificados por medio de secuencias de salto de directorio en la variable de entorno DBLANG. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=624 http://secunia.com/advisories/27542 http://www-1.ibm.com/support/docview.wss?uid=swg1IC54252 http://www-1.ibm.com/support/docview.wss?uid=swg27011082 http://www.securityfocus.com/bid/26363 http://www.vupen.com/english/advisories/2007/3757 https://exchange.xforce.ibmcloud.com/vulnerabilities/38297 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.00.TC3TL and 11.10.TB4TL on Windows allows attackers to cause a denial of service (application crash) via unspecified SQ_ONASSIST requests. Vulnerabilidad no especificada en IBM Informix Dynamic Server (IDS) 10.00.TC3TL y 11.10.TB4TL en Windows permite a atacantes provocar una denegación de servicio (caída de la aplicación) mediante peticiones SQ_ONASSIST no especificadas. • http://osvdb.org/41621 http://secunia.com/advisories/27542 http://www-1.ibm.com/support/docview.wss?uid=swg1IC53588 http://www-1.ibm.com/support/docview.wss?uid=swg27011082 http://www.securityfocus.com/bid/26363 http://www.vupen.com/english/advisories/2007/3757 https://exchange.xforce.ibmcloud.com/vulnerabilities/38296 •

CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0

IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts. IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, y Informix I-Connect 2.90 utilizan permisos no seguros para los scripts de instalación, que permite a los usuarios locales obtener privilegios modificando estos scripts. • http://secunia.com/advisories/22609 http://securitytracker.com/id?1017156 http://www-1.ibm.com/support/docview.wss?uid=swg21247438 http://www.vupen.com/english/advisories/2006/4280 •

CVSS: 4.6EPSS: 0%CPEs: 3EXPL: 0

The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files. El script de instalación en IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, y Informix I-Connect 2.90 permite a los usuarios locales "comprometer la seguridad" mediante un ataque de enlaces simbólicos sobre ficheros temporales. • http://secunia.com/advisories/22609 http://securitytracker.com/id?1017156 http://www-1.ibm.com/support/docview.wss?uid=swg21247438 http://www.vupen.com/english/advisories/2006/4280 •

CVSS: 3.6EPSS: 0%CPEs: 1EXPL: 2

IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and possibly other versions creates /tmp/installserver.txt with insecure permissions, which allows local users to append data to arbitrary files via a symlink attack. IBM Informix Dynamic Server 10.UC3RC1 Trial para Linux y posiblemente otras versiones crean /tmp/installserver.txt con permisos no seguros, lo cual permite a usuarios locales añadir información a ficheros de su elección mediante un ataque de enlace simbólico. • http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0013.html http://secunia.com/advisories/22223 http://securityreason.com/securityalert/1686 http://www.osvdb.org/29349 http://www.securityfocus.com/archive/1/447501/100/0/threaded http://www.securityfocus.com/bid/20300 http://www.vupen.com/english/advisories/2006/3883 https://exchange.xforce.ibmcloud.com/vulnerabilities/29297 https://exchange.xforce.ibmcloud.com/vulnerabilities/29300 •