CVE-2012-4857Improper Restriction of Operations within the Bounds of a Memory Buffer in IBM Informix Dynamic Server

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
9.0CRITICALNVD
EPSS
7.6%
top 8.10%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Informix Dynamic Server
Timeline
PublishedDec 8
Latest updateMay 17

Description

Buffer overflow in IBM Informix 11.50 through 11.50.xC9W2 and 11.70 before 11.70.xC7 allows remote authenticated users to execute arbitrary code via a crafted SQL statement.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 8.0 | Impact: 10.0

Affected Packages1 packages

NVDibm/informix_dynamic_server30 versions+29

🔴Vulnerability Details

2
GHSA
GHSA-2q3w-q48r-7m5f: Buffer overflow in IBM Informix 112022-05-17
CVEList
CVE-2012-4857: Buffer overflow in IBM Informix 112012-12-08
CVE-2012-4857 — IBM vulnerability | cvebase