Lucene search

[email protected]CVE-2012-4857

HistoryDec 08, 2012 - 3:55 p.m.

CVE-2012-4857

2012-12-0815:55:01

CWE-119

[email protected]

web.nvd.nist.gov

cve-2012-4857

buffer overflow

ibm informix

security vulnerability

nvd

9 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

8 High

AI Score

Confidence

Low

0.095 Low

EPSS

Percentile

94.8%

JSON

Buffer overflow in IBM Informix 11.50 through 11.50.xC9W2 and 11.70 before 11.70.xC7 allows remote authenticated users to execute arbitrary code via a crafted SQL statement.

Affected configurations

NVD

Node

ibminformix_dynamic_serverMatch11.50

ibminformix_dynamic_serverMatch11.50.xc1

ibminformix_dynamic_serverMatch11.50.xc2

ibminformix_dynamic_serverMatch11.50.xc3

ibminformix_dynamic_serverMatch11.50.xc3w1

ibminformix_dynamic_serverMatch11.50.xc4

ibminformix_dynamic_serverMatch11.50.xc4w1

ibminformix_dynamic_serverMatch11.50.xc5

ibminformix_dynamic_serverMatch11.50.xc5w2

ibminformix_dynamic_serverMatch11.50.xc5w3

ibminformix_dynamic_serverMatch11.50.xc5w4

ibminformix_dynamic_serverMatch11.50.xc6

ibminformix_dynamic_serverMatch11.50.xc6w1

ibminformix_dynamic_serverMatch11.50.xc6w2

ibminformix_dynamic_serverMatch11.50.xc6w3

ibminformix_dynamic_serverMatch11.50.xc6w4

ibminformix_dynamic_serverMatch11.50.xc7

ibminformix_dynamic_serverMatch11.50.xc7w1

ibminformix_dynamic_serverMatch11.50.xc7w2

ibminformix_dynamic_serverMatch11.50.xc7w3

ibminformix_dynamic_serverMatch11.50.xc7w4

ibminformix_dynamic_serverMatch11.50.xc8

ibminformix_dynamic_serverMatch11.50.xc8w1

ibminformix_dynamic_serverMatch11.50.xc8w2

ibminformix_dynamic_serverMatch11.50.xc8w3

ibminformix_dynamic_serverMatch11.50.xc8w4

ibminformix_dynamic_serverMatch11.50.xc9

ibminformix_dynamic_serverMatch11.70.xc1

ibminformix_dynamic_serverMatch11.70.xc2

ibminformix_dynamic_serverMatch11.70.xc3

CPENameOperatorVersion
ibm:informix_dynamic_serveribm informix dynamic servereq11.50
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc1
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc2
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc3
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc3w1
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc4
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc4w1
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc5
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc5w2
ibm:informix_dynamic_serveribm informix dynamic servereq11.50.xc5w3

CPE	Name	Operator	Version
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc1
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc2
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc3
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc3w1
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc4
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc4w1
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc5
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc5w2
ibm:informix_dynamic_server	ibm informix dynamic server	eq	11.50.xc5w3