Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Informix Dynamic Server Security Vulnerabilities - 2006

cve
cve

CVE-2006-3853

Buffer overflow in IBM Informix Dynamic Server (IDS) before 9.40.TC7 and 10.00 before 10.00.TC3, when running on Windows, allows remote attackers to execute arbitrary code via a long username.

7.6AI Score

0.056EPSS

2006-08-08 10:04 PM
37
cve
cve

CVE-2006-3855

The ifx_load_internal function in IBM Informix Dynamic Server (IDS) allows remote authenticated users to execute arbitrary C code via the DllMain or _init function in a library, aka "C code UDR."

7AI Score

0.007EPSS

2006-08-08 10:04 PM
23
cve
cve

CVE-2006-3856

IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows local users to cause a denial of service (crash) via unspecified vectors.

6.1AI Score

0.0004EPSS

2006-08-08 10:04 PM
25
cve
cve

CVE-2006-3858

IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before 10.00.xC4 stores passwords in plaintext in shared memory, which allows local users to obtain passwords by reading the memory (product defects 171893, 171894, 173772).

6AI Score

0.0004EPSS

2006-08-08 10:04 PM
20
cve
cve

CVE-2006-3861

IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 does not use database creation permissions, which allows remote authenticated users to create arbitrary databases.

6.2AI Score

0.004EPSS

2006-08-08 10:04 PM
30
cve
cve

CVE-2006-3862

Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable (envariable).

7.6AI Score

0.032EPSS

2006-08-08 10:04 PM
22
cve
cve

CVE-2006-5163

IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and possibly other versions creates /tmp/installserver.txt with insecure permissions, which allows local users to append data to arbitrary files via a symlink attack.

6.7AI Score

0.0004EPSS

2006-10-05 04:04 AM
22
cve
cve

CVE-2006-5663

IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts.

6.8AI Score

0.0004EPSS

2006-11-03 01:07 AM
26
cve
cve

CVE-2006-5664

The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files.

6.3AI Score

0.0004EPSS

2006-11-03 01:07 AM
23