CVE-2006-5664IBM Informix Client SDK vulnerability

3 documents3 sources
Severity
4.6MEDIUMNVD
EPSS
0.1%
top 79.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
IBM Informix Client SDKIBM Informix Dynamic ServerIBM Informix I-connect
Timeline
PublishedNov 3
Latest updateMay 1

Description

The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages3 packages

🔴Vulnerability Details

2
GHSA
GHSA-wvm9-fj85-3gwq: The installation script in IBM Informix Dynamic Server 102022-05-01
CVEList
CVE-2006-5664: The installation script in IBM Informix Dynamic Server 102006-11-03
CVE-2006-5664 — IBM Informix Client SDK vulnerability | cvebase