PT-2010-5273 · Ibm · Ibm Informix Dynamic Server
Publicado
2010-10-25
·
Atualizado
2010-10-27
·
CVE-2010-4069
CVSS v2.0
8.5
Alta
| Vetor | AV:N/AC:M/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
IBM Informix Dynamic Server (IDS) versions 7.x through 7.31
IBM Informix Dynamic Server (IDS) versions 9.x through 9.40
IBM Informix Dynamic Server (IDS) versions 10.00 through 10.00.xC9
IBM Informix Dynamic Server (IDS) versions 11.10 through 11.10.xC2
IBM Informix Dynamic Server (IDS) versions 11.50 through 11.50.xC2
Description
A stack-based buffer overflow issue allows remote authenticated users to execute arbitrary code via long DBINFO keyword arguments in a SQL statement.
Recommendations
For IBM Informix Dynamic Server (IDS) versions 7.x through 7.31, update to a version later than 7.31.
For IBM Informix Dynamic Server (IDS) versions 9.x through 9.40, update to a version later than 9.40.
For IBM Informix Dynamic Server (IDS) versions 10.00 through 10.00.xC9, update to version 10.00.xC10 or later.
For IBM Informix Dynamic Server (IDS) versions 11.10 through 11.10.xC2, update to version 11.10.xC3 or later.
For IBM Informix Dynamic Server (IDS) versions 11.50 through 11.50.xC2, update to version 11.50.xC3 or later.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Ibm Informix Dynamic Server