NotCVE - vendor:"Ibm" product:"Informix"

Page 4 of 62 results (0.004 seconds)

CVSS: 10.0EPSS: 32%CPEs: 29EXPL: 1

CVE-2009-2754 – Multiple Vendor librpc.dll Signedness Error Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2009-2754

01 Mar 2010 — Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow. Error de entero sin signo en la funcionalidad de autenticación en librpc.dll en Informix Storage Manager (ISM) Portmap... • https://www.exploit-db.com/exploits/12109 • CWE-189: Numeric Errors •

CVSS: 9.3EPSS: 20%CPEs: 3EXPL: 2

CVE-2009-3691 – IBM Informix Client SDK 3.0 - '.nfx' File Integer Overflow

https://notcve.org/view.php?id=CVE-2009-3691

13 Oct 2009 — Multiple integer overflows in setnet32.exe 3.50.0.13752 in IBM Informix Client SDK 3.0 and 3.50 and Informix Connect Runtime 3.x allow remote attackers to execute arbitrary code via a .nfx file with a crafted (1) HostSize, and possibly (2) ProtoSize and (3) ServerSize, field that triggers a stack-based buffer overflow involving a crafted HostList field. NOTE: some of these details are obtained from third party information. Múltiples desbordamientos de entero en setnet32.exe v3.50.0.13752 en IBM Informix Cli... • https://www.exploit-db.com/exploits/10070 • CWE-189: Numeric Errors •

CVSS: 7.5EPSS: 1%CPEs: 19EXPL: 0

CVE-2009-3470

https://notcve.org/view.php?id=CVE-2009-3470

29 Sep 2009 — IBM Informix Dynamic Server (IDS) 10.00 before 10.00.xC11, 11.10 before 11.10.xC4, and 11.50 before 11.50.xC5 allows remote attackers to cause a denial of service (memory corruption, assertion failure, and daemon crash) by sending a long password over a JDBC connection. IBM Informix Dynamic Server (IDS) v10.00 anterior a v10.00.xC11, v11.10 anterior a v11.10.xC4, y v11.50 anterior a v11.50.xC5 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de demonio) enviando... • http://secunia.com/advisories/36853 • CWE-399: Resource Management Errors •

CVSS: 10.0EPSS: 4%CPEs: 17EXPL: 0

CVE-2008-0949

https://notcve.org/view.php?id=CVE-2008-0949

18 Mar 2008 — Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 7.x through 11.x allows remote attackers to gain privileges via a malformed connection request packet. Vulnerabilidad no especificada en IBM Informix Dynamic Server (IDS) 7.x hasta 11.x permite a atacantes remotos ganar privilegios mediante paquetes de petición de conexión mal formados. • http://secunia.com/advisories/29272 •

CVSS: 8.8EPSS: 32%CPEs: 17EXPL: 0

CVE-2008-0727 – IBM Informix Dynamic Server Authentication Password Stack Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2008-0727

13 Mar 2008 — Multiple buffer overflows in oninit.exe in IBM Informix Dynamic Server (IDS) 7.x through 11.x allow (1) remote attackers to execute arbitrary code via a long password and (2) remote authenticated users to execute arbitrary code via a long DBPATH value. Múltiples Desbordamientos de búfer en oninit.exe de IBM Informix Dynamic Server (IDS) de la versión 7.x a la 11.x, permite (1)a atacantes remotos ejecutar código de su elección a través de una contraseña larga (2) y usuarios autenticados remotamente, pueden e... • http://secunia.com/advisories/29272 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 4%CPEs: 4EXPL: 0

CVE-2008-0768

https://notcve.org/view.php?id=CVE-2008-0768

13 Feb 2008 — Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in Informix Dynamic Server (IDS) 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary code via crafted XDR requests. Múltiples desbordamientos de búfer basados en pila y en montículo en los componentes Windows RPC para IBM Informix Storage Manager (ISM), como se utilizan en Informix Dynamic Server (IDS) 10.00.xC8 y anteriores y 11.10.xC2 y anteri... • http://secunia.com/advisories/28689 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0

CVE-2008-0369

https://notcve.org/view.php?id=CVE-2008-0369

18 Jan 2008 — Multiple unspecified programs in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allow local users to create arbitrary files by specifying the target file in the SQLIDEBUG environment variable, whose ownership is changed to the user invoking the programs. Múltiples programas no especificados en IBM Informix Dynamic Server (IDS) versiones 10.x anteriores a 10.00.xC8, permiten a usuarios locales crear archivos arbitrarios especificando el archivo de destino en la variable de entorno SQLIDEBUG, cuya pr... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=650 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2008-0368

https://notcve.org/view.php?id=CVE-2008-0368

18 Jan 2008 — onedcu in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument. onedcu en IBM Informix Dynamic Server (IDS) versiones 10.x anteriores a 10.00.xC8, permite a usuarios locales crear archivos arbitrarios por medio del argumento de archivo Trace. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=651 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2007-5957

https://notcve.org/view.php?id=CVE-2007-5957

14 Nov 2007 — Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.00.TC3TL and 11.10.TB4TL on Windows allows attackers to cause a denial of service (application crash) via unspecified SQ_ONASSIST requests. Vulnerabilidad no especificada en IBM Informix Dynamic Server (IDS) 10.00.TC3TL y 11.10.TB4TL en Windows permite a atacantes provocar una denegación de servicio (caída de la aplicación) mediante peticiones SQ_ONASSIST no especificadas. • http://osvdb.org/41621 •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

CVE-2007-5956

https://notcve.org/view.php?id=CVE-2007-5956

14 Nov 2007 — Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) before 10.00.xC7W1 allows local users to gain privileges by referencing modified NLS message files through directory traversal sequences in the DBLANG environment variable. Una vulnerabilidad de salto de directorio en IBM Informix Dynamic Server (IDS) versiones anteriores a 10.00.xC7W1, permite a usuarios locales alcanzar privilegios haciendo referencia a archivos de mensajes NLS modificados por medio de secuencias de salto de directorio... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=624 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

1 2 3 4 5