Lucene search

[email protected]CVE-2011-1033

HistoryFeb 15, 2011 - 1:00 a.m.

CVE-2011-1033

2011-02-1501:00:02

CWE-119

[email protected]

web.nvd.nist.gov

cve-2011-1033

stack-based buffer overflow

ibm informix dynamic server

ids 11.50

remote code execution

sql injection

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.942 High

EPSS

Percentile

99.2%

JSON

Stack-based buffer overflow in oninit in IBM Informix Dynamic Server (IDS) 11.50 allows remote attackers to execute arbitrary code via crafted arguments in the USELASTCOMMITTED session environment option in a SQL SET ENVIRONMENT statement.

Affected configurations

NVD

Node

ibminformix_dynamic_serverMatch11.50

CPENameOperatorVersion
ibm:informix_dynamic_serveribm informix dynamic servereq11.50

CPE	Name	Operator	Version
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50

References

dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ibm

secunia.com/advisories/43212

securityreason.com/securityalert/8078

www.securityfocus.com/archive/1/516250/100/0/threaded

www.securityfocus.com/bid/46230

www.vupen.com/english/advisories/2011/0309

zerodayinitiative.com/advisories/ZDI-11-050/

exchange.xforce.ibmcloud.com/vulnerabilities/65209

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.942 High

EPSS

Percentile

99.2%

JSON

Related for CVE-2011-1033

cvelist1 openvas4 checkpoint_advisories1 prion1 nvd1 zdi1