Symlink Vulnerability in IBM Informix Server and Development Kit
CVE-2006-5664

Currently unrated

Key Information:

Vendor: IBM
Status: Informix I-connect; Informix Dynamic Server; Informix Client Sdk
Vendor: CVE Published:; 3 November 2006

Summary

The installation script of certain IBM Informix products enables local users to execute a symlink attack on temporary files, potentially compromising the security of the system. Users may exploit this vulnerability to redirect file operations to unauthorized locations, leading to unintended access or data manipulation. Organizations using affected versions should apply relevant security patches and explore remediation strategies to mitigate risks.

References

http://www.vupen.com/english/advisories/2006/4280

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/22609

third-party-advisoryx_refsource_SECUNIA

http://www-1.ibm.com/support/docview.wss?uid=swg21247438

x_refsource_CONFIRM

Timeline

Vulnerability published
Nov 3, 2006
Vulnerability Reserved
Nov 2, 2006