Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Informix_dynamic_server
(Ibm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 46 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2008-01-18 | CVE-2008-0368 | onedcu in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allows local users to create arbitrary files via the Trace file argument. | Informix_dynamic_server | N/A | ||
| 2007-11-14 | CVE-2007-5957 | Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.00.TC3TL and 11.10.TB4TL on Windows allows attackers to cause a denial of service (application crash) via unspecified SQ_ONASSIST requests. | Informix_dynamic_server | N/A | ||
| 2007-11-14 | CVE-2007-5956 | Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) before 10.00.xC7W1 allows local users to gain privileges by referencing modified NLS message files through directory traversal sequences in the DBLANG environment variable. | Informix_dynamic_server | N/A | ||
| 2006-11-03 | CVE-2006-5664 | The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files. | Informix_client_sdk, Informix_dynamic_server, Informix_i\-Connect | N/A | ||
| 2006-11-03 | CVE-2006-5663 | IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts. | Informix_client_sdk, Informix_dynamic_server, Informix_i\-Connect | N/A | ||
| 2006-10-05 | CVE-2006-5163 | IBM Informix Dynamic Server 10.UC3RC1 Trial for Linux and possibly other versions creates /tmp/installserver.txt with insecure permissions, which allows local users to append data to arbitrary files via a symlink attack. | Informix_dynamic_server | N/A | ||
| 2006-08-08 | CVE-2006-3862 | Buffer overflow in IBM Informix Dynamic Server (IDS) 9.40.TC5 through 9.40.xC7 and 10.00.TC1 through 10.00.xC3 allows attackers to execute arbitrary code via the SQLIDEBUG environment variable (envariable). | Informix_dynamic_server | N/A | ||
| 2006-08-08 | CVE-2006-3861 | IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 does not use database creation permissions, which allows remote authenticated users to create arbitrary databases. | Informix_dynamic_server | N/A | ||
| 2006-08-08 | CVE-2006-3858 | IBM Informix Dynamic Server (IDS) before 9.40.xC8 and 10.00 before 10.00.xC4 stores passwords in plaintext in shared memory, which allows local users to obtain passwords by reading the memory (product defects 171893, 171894, 173772). | Informix_dynamic_server | N/A | ||
| 2006-08-08 | CVE-2006-3856 | IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows local users to cause a denial of service (crash) via unspecified vectors. | Informix_dynamic_server | N/A |