Security Bulletin: Vulnerability in OpenSSL affects Informix Dynamic Server and CSDK (CVE-2015-1788)

Summary An OpenSSL denial of service vulnerability disclosed by the OpenSSL Project affects GSKit. Informix Dynamic Server uses GSKit and addressed the applicable CVE. Vulnerability Details CVEID: CVE-2015-1788 DESCRIPTION: OpenSSL is vulnerable to a denial of service, caused by an error when...

Security Bulletin: A vulnerability in the GSKit component of Client Software Development Kit (CSDK) (CVE-2016-0201)

Summary A vulnerability has been addressed in the GSKit, component of Informix Client Software Development Kit CSDK Vulnerability Details CVEID: CVE-2016-0201 DESCRIPTION: IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a MD5 collision. An attacker could exploit...

Security Bulletin: TLS padding vulnerability affects Informix Client Software Development Kit (CSDK) ( CVE-2014-8730)

Summary Informix Client Software Development Kit CSDK can be affected by a TLS Transport Layer Security padding vulnerability which can allow a remote attacker to obtain sensitive information. Vulnerability Details The following vulnerability affects IBM Informix Client Software Development Kit...

Security Bulletin: Potential SSL/TLS-related denial of service vulnerability in IBM Informix Client SDK (CVE-2013-6329)

Summary Informix Client SDK is impacted by a vulnerability in IBM's GSKIT library which can result in a denial of service caused by an error in SSL/TLS handshake processing related to session resumption when using SSLv2. A remote attacker could exploit this vulnerability to cause the system to...

Security Bulletin: Vulnerability in InstallShield/InstallAnywhere affects IBM Informix CSDK and Server installation on Windows(CVE-2016-2542, CVE-2016-4560)

Summary InstallShield/installAnywhere generates installation executables which are vulnerable to a DLL-planting affecting the installation of IBM Informix CSDK and Dynamic Server on Windows. Vulnerability Details CVEID: CVE-2016-2542 DESCRIPTION: Flexera InstallShield could allow a local attacker...

IBM Informix产品Setnet32工具'.nfx'文件缓冲区溢出漏洞

Bugraq ID: 36588 IBM Informix Client Software Development Kit CSDK和IBM Informix Connect存在安全漏洞，远程攻击者可以利用漏洞破坏用户系统。 当处理".nfx"文件时存在边界错误，当应用程序打开包含超长"HostList"条目的".nfx"文件时可触发基于栈的缓冲区溢出。 成功利用漏洞可导致任意代码执行。 IBM Informix CSDK 3.50 IBM Informix Connect 3.0 厂商解决方案 目前没有详细解决方案提供：...

CVE-2006-5664

The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit CSDK 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files...

CVE-2006-5664

CVE-2006-5664 describes a local vulnerability in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 where a symlink attack on temporary files could allow local users to compromise security. The report notes a local-access impact an...

CVE-2006-5663

CVE-2006-5663 affects IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90. The root cause is insecure permissions on installation scripts, allowing local users to gain privileges by modifying the scripts. The available documents do ...