CVE-2006-3861 — IBM Informix Dynamic Server vulnerability

3 documents3 sources

Severity

4.0MEDIUMNVD

EPSS

0.4%

top 36.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

IBM Informix Dynamic Server

Timeline

PublishedAug 8

Latest updateMay 1

Description

IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 does not use database creation permissions, which allows remote authenticated users to create arbitrary databases.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages1 packages

▶NVDibm/informix_dynamic_server10 versions+9

Patches

Patch: secunia.com ↗Patch: www-1.ibm.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-q875-4pp5-f2pm: IBM Informix Dynamic Server (IDS) before 9↗2022-05-01

▶

CVEList

CVE-2006-3861: IBM Informix Dynamic Server (IDS) before 9↗2006-08-08

▶