Lucene search

[email protected]NVD:CVE-2006-3853

HistoryAug 08, 2006 - 10:04 p.m.

CVE-2006-3853

2006-08-0822:04:00

[email protected]

web.nvd.nist.gov

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

Low

EPSS

0.056

Percentile

93.3%

JSON

Buffer overflow in IBM Informix Dynamic Server (IDS) before 9.40.TC7 and 10.00 before 10.00.TC3, when running on Windows, allows remote attackers to execute arbitrary code via a long username.

Affected configurations

Nvd

Node

ibminformix_dynamic_serverMatch9.4

ibminformix_dynamic_serverMatch9.40.tc5

ibminformix_dynamic_serverMatch9.40.uc1

ibminformix_dynamic_serverMatch9.40.uc2

ibminformix_dynamic_serverMatch9.40.uc3

ibminformix_dynamic_serverMatch9.40.uc5

ibminformix_dynamic_serverMatch9.40.xc7

ibminformix_dynamic_serverMatch10.0

ibminformix_dynamic_serverMatch10.0.xc3

VendorProductVersionCPE
ibminformix_dynamic_server9.4cpe:2.3:a:ibm:informix_dynamic_server:9.4:*:*:*:*:*:*:*
ibminformix_dynamic_server9.40.tc5cpe:2.3:a:ibm:informix_dynamic_server:9.40.tc5:*:*:*:*:*:*:*
ibminformix_dynamic_server9.40.uc1cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc1:*:*:*:*:*:*:*
ibminformix_dynamic_server9.40.uc2cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc2:*:*:*:*:*:*:*
ibminformix_dynamic_server9.40.uc3cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc3:*:*:*:*:*:*:*
ibminformix_dynamic_server9.40.uc5cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc5:*:*:*:*:*:*:*
ibminformix_dynamic_server9.40.xc7cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc7:*:*:*:*:*:*:*
ibminformix_dynamic_server10.0cpe:2.3:a:ibm:informix_dynamic_server:10.0:*:*:*:*:*:*:*
ibminformix_dynamic_server10.0.xc3cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
ibm	informix_dynamic_server	9.4	cpe:2.3:a:ibm:informix_dynamic_server:9.4:::::::*
ibm	informix_dynamic_server	9.40.tc5	cpe:2.3:a:ibm:informix_dynamic_server:9.40.tc5:::::::*
ibm	informix_dynamic_server	9.40.uc1	cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc1:::::::*
ibm	informix_dynamic_server	9.40.uc2	cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc2:::::::*
ibm	informix_dynamic_server	9.40.uc3	cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc3:::::::*
ibm	informix_dynamic_server	9.40.uc5	cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc5:::::::*
ibm	informix_dynamic_server	9.40.xc7	cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc7:::::::*
ibm	informix_dynamic_server	10.0	cpe:2.3:a:ibm:informix_dynamic_server:10.0:::::::*
ibm	informix_dynamic_server	10.0.xc3	cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc3:::::::*

References

secunia.com/advisories/21301

www-1.ibm.com/support/docview.wss?uid=swg21242921

www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf

www.osvdb.org/27685

www.securityfocus.com/archive/1/443133/100/0/threaded

www.securityfocus.com/archive/1/443149/100/0/threaded

www.securityfocus.com/bid/19264

www.vupen.com/english/advisories/2006/3077

exchange.xforce.ibmcloud.com/vulnerabilities/28122

CVSS2

5.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

AI Score

7.6

Confidence

Low

EPSS

0.056

Percentile

93.3%

JSON

Related for NVD:CVE-2006-3853

cve2 securityvulns2 cvelist2 nvd1 nessus1