CVE-2004-2319

Currently unrated

Key Information:

Vendor: IBM
Status: Informix Dynamic Server; Informix Extended Parallel Server
Vendor: CVE Published:; 31 December 2004

Summary

IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to (1) create or overwrite files via the /001 log file to onedcu or (2) read arbitrary files via a symlink attack on a file in /tmp to onshowaudit.

References

http://www.osvdb.org/3760

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/9511

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/14969

vdb-entryx_refsource_XF

Timeline

Vulnerability Reserved
Aug 16, 2005
Vulnerability published
Dec 31, 2004