Format string vulnerability in IBM Informix Dynamic Server (IDS) prior to 9.40.xC3 allows local users to execute arbitrary code via a modified INFORMIXDIR environment variable that points to a file with format string specifiers in the filename.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ibm informix dynamic server 9.40.uc1 |
||
ibm informix dynamic server 9.40.uc2 |