CVSS: 9.0EPSS: 7%CPEs: 30EXPL: 0CVE-2012-4857
https://notcve.org/view.php?id=CVE-2012-4857
08 Dec 2012 — Buffer overflow in IBM Informix 11.50 through 11.50.xC9W2 and 11.70 before 11.70.xC7 allows remote authenticated users to execute arbitrary code via a crafted SQL statement. Desbordamiento de búfer en IBM Informix v11.50 hasta v11.50.xC9W2 y v11.70 anterior a v11.70.xC7, permite a atacantes remotos autenticados ejecutar código arbitrario mediante una sentencia SQL especialmente diseñada. • http://www.securitytracker.com/id?1027849 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.0EPSS: 8%CPEs: 32EXPL: 0CVE-2012-3334
https://notcve.org/view.php?id=CVE-2012-3334
25 Sep 2012 — Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 11.50 before 11.50.xC9W2 and 11.70 before 11.70.xC5 allows remote authenticated users to execute arbitrary code via crafted arguments in a SET COLLATION statement. Desbordamiento de búfer basado en pila en IBM Informix Dynamic Server (IDS) v11.50 antes de v11.50.xC9W2 y v11.70 antes de v11.70.xC5 permite a usuarios remotos autenticados ejecutar código de su elección a través de argumentos modificados en una petición 'SET COLLATION'. • http://osvdb.org/85736 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 23%CPEs: 1EXPL: 0CVE-2011-1033 – IBM Informix Dynamic Server SET ENVIRONMENT Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1033
07 Feb 2011 — Stack-based buffer overflow in oninit in IBM Informix Dynamic Server (IDS) 11.50 allows remote attackers to execute arbitrary code via crafted arguments in the USELASTCOMMITTED session environment option in a SQL SET ENVIRONMENT statement. Desbordamiento de búfer basado en pila en en oninit en IBM Informix Dynamic Server (IDS) v11.50 permite a atacantes remotos ejecutar código de su elección a través de argumentos manipulados en la opción de sesión de entorno USELASTCOMMITTED en un estado SQL SET ENVIRONMEN... • http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ibm • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 8%CPEs: 29EXPL: 0CVE-2010-4069
https://notcve.org/view.php?id=CVE-2010-4069
25 Oct 2010 — Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x through 7.31, 9.x through 9.40, 10.00 before 10.00.xC10, 11.10 before 11.10.xC3, and 11.50 before 11.50.xC3 allows remote authenticated users to execute arbitrary code via long DBINFO keyword arguments in a SQL statement, aka idsdb00165017, idsdb00165019, idsdb00165021, idsdb00165022, and idsdb00165023. Desbordamiento de búfer basado en pila en IBM Informix Dynamic Server (IDS) v7.x hasta la v7.31, 9.x hasta la v9.40, v10.00 anterior a v10... • http://secunia.com/advisories/41914 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 8%CPEs: 25EXPL: 0CVE-2010-4070
https://notcve.org/view.php?id=CVE-2010-4070
25 Oct 2010 — Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted parameter size, aka idsdb00146931, idsdb00146930, idsdb00146929, and idsdb00138308. Desbordamiento de entero en librpc.dll en portmap.exe (también conocido ... • http://secunia.com/advisories/41915 • CWE-189: Numeric Errors •
CVSS: 9.0EPSS: 6%CPEs: 2EXPL: 0CVE-2010-4053
https://notcve.org/view.php?id=CVE-2010-4053
22 Oct 2010 — Stack-based buffer overflow in an unspecified logging function in oninit.exe in IBM Informix Dynamic Server (IDS) 11.10 before 11.10.xC2W2 and 11.50 before 11.50.xC1 allows remote authenticated users to execute arbitrary code via a crafted EXPLAIN directive, aka idsdb00154125 and idsdb00154243. Desbordamiento de búfer en una función no especificada en oninit.exe en IBM Informix Dynamic Server (IDS) v11.10 anteriores a v11.10.xC2W2 y v11.50 anteriores a v11.50.xC1 permite a usuarios remotos autenticadaos a e... • http://secunia.com/advisories/41913 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 19EXPL: 0CVE-2009-3470
https://notcve.org/view.php?id=CVE-2009-3470
29 Sep 2009 — IBM Informix Dynamic Server (IDS) 10.00 before 10.00.xC11, 11.10 before 11.10.xC4, and 11.50 before 11.50.xC5 allows remote attackers to cause a denial of service (memory corruption, assertion failure, and daemon crash) by sending a long password over a JDBC connection. IBM Informix Dynamic Server (IDS) v10.00 anterior a v10.00.xC11, v11.10 anterior a v11.10.xC4, y v11.50 anterior a v11.50.xC5 permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria y caída de demonio) enviando... • http://secunia.com/advisories/36853 • CWE-399: Resource Management Errors •