PT-2002-1915 · Ibm · Informix Se
Published
2002-08-31
·
Updated
2008-09-05
·
CVE-2002-0905
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Informix SE version 7.25
Description:
A buffer overflow issue exists in the sqlexec component, allowing local users to potentially gain root privileges. This is achieved by manipulating the INFORMIXDIR environment variable to be excessively long.
Recommendations:
For Informix SE version 7.25, consider restricting access to the sqlexec component until a fix is available, and avoid using excessively long values for the
INFORMIXDIR environment variable to minimize the risk of exploitation.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Informix Se