Lucene search

[email protected]CVE-2012-3334

HistorySep 25, 2012 - 8:55 p.m.

CVE-2012-3334

2012-09-2520:55:01

CWE-119

[email protected]

web.nvd.nist.gov

cve-2012-3334

ibm informix dynamic server

buffer overflow

remote code execution

nvd

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

7.8 High

AI Score

Confidence

Low

0.926 High

EPSS

Percentile

99.0%

JSON

Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 11.50 before 11.50.xC9W2 and 11.70 before 11.70.xC5 allows remote authenticated users to execute arbitrary code via crafted arguments in a SET COLLATION statement.

Affected configurations

NVD

Node

ibminformix_dynamic_serverMatch11.50

ibminformix_dynamic_serverMatch11.50.xc1

ibminformix_dynamic_serverMatch11.50.xc2

ibminformix_dynamic_serverMatch11.50.xc3

ibminformix_dynamic_serverMatch11.50.xc3w1

ibminformix_dynamic_serverMatch11.50.xc4

ibminformix_dynamic_serverMatch11.50.xc4w1

ibminformix_dynamic_serverMatch11.50.xc5

ibminformix_dynamic_serverMatch11.50.xc5w2

ibminformix_dynamic_serverMatch11.50.xc5w3

ibminformix_dynamic_serverMatch11.50.xc5w4

ibminformix_dynamic_serverMatch11.50.xc6

ibminformix_dynamic_serverMatch11.50.xc6w1

ibminformix_dynamic_serverMatch11.50.xc6w2

ibminformix_dynamic_serverMatch11.50.xc6w3

ibminformix_dynamic_serverMatch11.50.xc6w4

ibminformix_dynamic_serverMatch11.50.xc7

ibminformix_dynamic_serverMatch11.50.xc7w1

ibminformix_dynamic_serverMatch11.50.xc7w2

ibminformix_dynamic_serverMatch11.50.xc7w3

ibminformix_dynamic_serverMatch11.50.xc7w4

ibminformix_dynamic_serverMatch11.50.xc8

ibminformix_dynamic_serverMatch11.50.xc8w1

ibminformix_dynamic_serverMatch11.50.xc8w2

ibminformix_dynamic_serverMatch11.50.xc8w3

ibminformix_dynamic_serverMatch11.50.xc8w4

ibminformix_dynamic_serverMatch11.50.xc9

ibminformix_dynamic_serverMatch11.50.xc9w1

Node

ibminformix_dynamic_serverMatch11.70.xc1

ibminformix_dynamic_serverMatch11.70.xc2

ibminformix_dynamic_serverMatch11.70.xc3

ibminformix_dynamic_serverMatch11.70.xc4

CPENameOperatorVersion
ibm:informix_dynamic_serveribm informix dynamic servereq11.50
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc1
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc2
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc3
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc3w1
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc4
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc4w1
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc5
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc5w2
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc5w3

CPE	Name	Operator	Version
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc1
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc2
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc3
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc3w1
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc4
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc4w1
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc5
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc5w2
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc5w3