Stack-based buffer overflow vulnerability in IBM Informix Dynamic Server
CVE-2004-2131

Currently unrated

Key Information:

Vendor: IBM
Status: Informix Dynamic Server; Informix Extended Parallel Server
Vendor: CVE Published:; 27 January 2004

What is CVE-2004-2131?

A stack-based buffer overflow exists in the ontape utility for IBM Informix Dynamic Server, allowing local users with DSA privileges to execute arbitrary code. This vulnerability occurs when a long ONCONFIG environment variable is supplied, leading to potential unauthorized actions on the system. It is important for system administrators to ensure that relevant patches are applied to mitigate the risk.

References

http://www.osvdb.org/3759

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/9512

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/14970

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
May 27, 2005
Vulnerability published
Jan 27, 2004