CVE-2004-2319

Name of the Vulnerable Software and Affected Versions: IBM Informix Dynamic Server (IDS) versions prior to 9.40.xC3

Description: The issue allows local users to create or overwrite files via the /001 log file to onedcu or read arbitrary files via a symlink attack on a file in /tmp to onshowaudit.

Recommendations: For versions prior to 9.40.xC3, update to version 9.40.xC3 or later to resolve the issue. As a temporary workaround, consider restricting access to the /001 log file and the /tmp directory to minimize the risk of exploitation.