Page 4 of 18 results (0.005 seconds)

CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 0

Format string vulnerability in IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to execute arbitrary code via a modified INFORMIXDIR environment variable that points to a file with format string specifiers in the filename. • http://marc.info/?l=bugtraq&m=107524391217364&w=2 http://secunia.com/advisories/10737 http://www-1.ibm.com/support/docview.wss?uid=swg21153336 http://www.osvdb.org/3757 http://www.securityfocus.com/bid/9511 https://exchange.xforce.ibmcloud.com/vulnerabilities/14967 •

CVSS: 3.6EPSS: 0%CPEs: 4EXPL: 2

IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to (1) create or overwrite files via the /001 log file to onedcu or (2) read arbitrary files via a symlink attack on a file in /tmp to onshowaudit. • http://secunia.com/advisories/10737 http://www-1.ibm.com/support/docview.wss?uid=swg21153336 http://www.osvdb.org/3758 http://www.osvdb.org/3760 http://www.securityfocus.com/archive/1/351770 http://www.securityfocus.com/bid/9511 http://www.securityfocus.com/bid/9512 https://exchange.xforce.ibmcloud.com/vulnerabilities/14969 https://exchange.xforce.ibmcloud.com/vulnerabilities/14971 •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 4

Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable. • https://www.exploit-db.com/exploits/23609 https://www.exploit-db.com/exploits/23610 http://marc.info/?l=bugtraq&m=107539878804074&w=2 http://secunia.com/advisories/10737 http://www-1.ibm.com/support/docview.wss?uid=swg21153336 http://www.osvdb.org/3759 http://www.securityfocus.com/bid/9512 https://exchange.xforce.ibmcloud.com/vulnerabilities/14970 •