Summary
| Detail | |||
|---|---|---|---|
| Vendor | Ibm | First view | 2006-11-02 |
| Product | Informix Client Sdk | Last view | 2009-10-13 |
| Version | Type | Application | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
| CPE Name | Affected CVE |
|---|---|
| cpe:2.3:a:ibm:informix_client_sdk:2.90:*:*:*:*:*:*:* | 2 |
| cpe:2.3:a:ibm:informix_client_sdk:3.0:*:*:*:*:*:*:* | 1 |
| cpe:2.3:a:ibm:informix_client_sdk:3.50:*:*:*:*:*:*:* | 1 |
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 9.3 | 2009-10-13 | CVE-2009-3691 | Multiple integer overflows in setnet32.exe 3.50.0.13752 in IBM Informix Client SDK 3.0 and 3.50 and Informix Connect Runtime 3.x allow remote attackers to execute arbitrary code via a .nfx file with a crafted (1) HostSize, and possibly (2) ProtoSize and (3) ServerSize, field that triggers a stack-based buffer overflow involving a crafted HostList field. NOTE: some of these details are obtained from third party information. |
| 4.6 | 2006-11-02 | CVE-2006-5664 | The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files. |
| 4.6 | 2006-11-02 | CVE-2006-5663 | IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 100% (1) | CWE-189 | Numeric Errors |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 58530 | IBM Informix Multiple Products setnet32.exe NFX File Handling Overflow |
| 30154 | IBM Informix Multiple Products Unspecified Symlink |
| 30153 | IBM Informix Multiple Products Installation Script Permission Weakness |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2017-08-23 | IBM Informix Client SDK NFX file InformixServerList processing stack buffer o... RuleID : 43624 - Type : FILE-OTHER - Revision : 2 |
| 2017-08-23 | IBM Informix Client SDK NFX file HostList processing stack buffer overflow at... RuleID : 43623 - Type : FILE-OTHER - Revision : 2 |
| 2014-01-10 | IBM Informix Client SDK NFX file InformixServerList processing stack buffer o... RuleID : 16346 - Type : FILE-OTHER - Revision : 5 |
| 2014-01-10 | IBM Informix Client SDK NFX file HostList processing stack buffer overflow at... RuleID : 16345 - Type : FILE-OTHER - Revision : 5 |
