CVE-2006-3853Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM Informix Dynamic Server

3 documents3 sources
Severity
5.1MEDIUMNVD
EPSS
6.1%
top 9.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Informix Dynamic Server
Timeline
PublishedAug 8
Latest updateMay 1

Description

Buffer overflow in IBM Informix Dynamic Server (IDS) before 9.40.TC7 and 10.00 before 10.00.TC3, when running on Windows, allows remote attackers to execute arbitrary code via a long username.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages1 packages

NVDibm/informix_dynamic_server9 versions+8

Patches

Patch: secunia.comPatch: www-1.ibm.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-5xcv-6xwr-v657: Buffer overflow in IBM Informix Dynamic Server (IDS) before 92022-05-01
CVEList
CVE-2006-3853: Buffer overflow in IBM Informix Dynamic Server (IDS) before 92006-08-08
CVE-2006-3853 — IBM vulnerability | cvebase