CVE-2012-3334Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM Informix Dynamic Server

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
9.0CRITICALNVD
EPSS
8.5%
top 7.59%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Informix Dynamic Server
Timeline
PublishedSep 25
Latest updateMay 17

Description

Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 11.50 before 11.50.xC9W2 and 11.70 before 11.70.xC5 allows remote authenticated users to execute arbitrary code via crafted arguments in a SET COLLATION statement.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

NVDibm/informix_dynamic_server32 versions+31

🔴Vulnerability Details

2
GHSA
GHSA-q59q-qw62-x3cx: Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 112022-05-17
CVEList
CVE-2012-3334: Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 112012-09-25