Filtered by vendor Ibm
Subscriptions
Filtered by product Informix Dynamic Server
Subscriptions
Total
46 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2004-2131 | 1 Ibm | 2 Informix Dynamic Server, Informix Extended Parallel Server | 2017-07-11 | N/A |
Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable. | ||||
CVE-2017-1310 | 1 Ibm | 1 Informix Dynamic Server | 2017-07-07 | N/A |
IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow that would write large assertion fail files to the server. Done enough times, this could use large parts of the file system and cause the server to crash. IBM X-Force ID: 125569. | ||||
CVE-2016-0226 | 2 Ibm, Microsoft | 2 Informix Dynamic Server, Windows | 2016-12-03 | N/A |
The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the (1) nsrd, (2) nsrexecd, and (3) portmap executable files, which allows local users to gain privileges via a Trojan horse file. | ||||
CVE-2006-5664 | 1 Ibm | 3 Informix Client Sdk, Informix Dynamic Server, Informix I-connect | 2011-03-08 | N/A |
The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files. | ||||
CVE-2006-5663 | 1 Ibm | 3 Informix Client Sdk, Informix Dynamic Server, Informix I-connect | 2011-03-08 | N/A |
IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts. | ||||
CVE-2009-3470 | 1 Ibm | 1 Informix Dynamic Server | 2009-10-03 | N/A |
IBM Informix Dynamic Server (IDS) 10.00 before 10.00.xC11, 11.10 before 11.10.xC4, and 11.50 before 11.50.xC5 allows remote attackers to cause a denial of service (memory corruption, assertion failure, and daemon crash) by sending a long password over a JDBC connection. |