Published: 27/01/2004 Updated: 11/07/2017

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 730

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and previous versions allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm informix extended parallel server 8.40_uc1
ibm informix dynamic server 9.40.uc1
ibm informix dynamic server 9.40.uc2

source: wwwsecurityfocuscom/bid/9512/info IBM Informix Dynamic Server and IBM Informix Extended Parallel Server have been reported prone to multiple vulnerabilities The first issue exists in the onedcu binary Specifically, when the binary is invoked a predictable temporary file is created A local attacker may exploit this issue to lau ...

source: wwwsecurityfocuscom/bid/9512/info IBM Informix Dynamic Server and IBM Informix Extended Parallel Server have been reported prone to multiple vulnerabilities The first issue exists in the onedcu binary Specifically, when the binary is invoked a predictable temporary file is created A local attacker may exploit this issue to l ...

NVD-CWE-Other http://www-1.ibm.com/support/docview.wss?uid=swg21153336 http://www.securityfocus.com/bid/9512 http://secunia.com/advisories/10737/http://www.osvdb.org/3759 http://marc.info/?l=bugtraq&m=107539878804074&w=2 https://exchange.xforce.ibmcloud.com/vulnerabilities/14970 https://nvd.nist.gov https://www.exploit-db.com/exploits/23609/

CVE-2004-2131

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect