[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

252271

 
 

909

 
 

196835

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2006-3853Date: (C)2006-08-08   (M)2023-12-22


Buffer overflow in IBM Informix Dynamic Server (IDS) before 9.40.TC7 and 10.00 before 10.00.TC3, when running on Windows, allows remote attackers to execute arbitrary code via a long username.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.1
Exploit Score: 4.9
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
BID-19264
http://www.securityfocus.com/archive/1/archive/1/443133/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/443149/100/0/threaded
SECUNIA-21301
OSVDB-27685
ADV-2006-3077
http://www-1.ibm.com/support/docview.wss?uid=swg21242921
http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf
informix-username-bo(28122)

CPE    9
cpe:/a:ibm:informix_dynamic_server:10.0
cpe:/a:ibm:informix_dynamic_server:10.0.xc3
cpe:/a:ibm:informix_dynamic_server:9.40.xc7
cpe:/a:ibm:informix_dynamic_server:9.4
...

© SecPod Technologies