IBM Informix Dynamic Server privilege escalation

2007-11-12T00:00:00
ID SECURITYVULNS:VULN:8331
Type securityvulns
Reporter BUGTRAQ
Modified 2007-11-12T00:00:00

Description

Directory traversal on DBLANG environment variable parsing allows to specify attacker-controlled NLS files, leading to possibility of format string attacks for suid applications.