Stack-Based Buffer Overflow in IBM Informix Dynamic Server
CVE-2010-4069

Currently unrated

Key Information:

Vendor: IBM
Status: Informix Dynamic Server
Vendor: CVE Published:; 25 October 2010

Summary

A stack-based buffer overflow vulnerability exists in IBM Informix Dynamic Server, which affects versions 7.x through 7.31, 9.x through 9.40, 10.00 prior to 10.00.xC10, and 11.10 prior to 11.10.xC3, as well as 11.50 prior to 11.50.xC3. This vulnerability allows remote authenticated users to exploit long DBINFO keyword arguments within an SQL statement, potentially enabling them to execute arbitrary code on the system. This issue poses significant security risks, especially in environments where database servers are exposed to authenticated users.

References

http://www.zerodayinitiative.com/advisories/ZDI-10-217/

x_refsource_MISC

http://www.vupen.com/english/advisories/2010/2735

vdb-entryx_refsource_VUPEN

http://www.osvdb.org/68707

vdb-entryx_refsource_OSVDB

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 25, 2010