CVE-2010-4053

Currently unrated

Key Information:

Vendor: IBM
Status: Informix Dynamic Server
Vendor: CVE Published:; 23 October 2010

Summary

Stack-based buffer overflow in an unspecified logging function in oninit.exe in IBM Informix Dynamic Server (IDS) 11.10 before 11.10.xC2W2 and 11.50 before 11.50.xC1 allows remote authenticated users to execute arbitrary code via a crafted EXPLAIN directive, aka idsdb00154125 and idsdb00154243.

References

http://www.zerodayinitiative.com/advisories/ZDI-10-216/

x_refsource_MISC

http://www.vupen.com/english/advisories/2010/2734

vdb-entryx_refsource_VUPEN

http://www.osvdb.org/68705

vdb-entryx_refsource_OSVDB

EPSS Score

11% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 23, 2010
Vulnerability Reserved
Oct 22, 2010