CVE-2004-2131

IBM Informix Dynamic Server <9.40.xC3 - Buffer Overflow

Title source: llm

Description

Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable.

Exploits (2)

exploitdb WORKING POC VERIFIED
by pask · clocalunix
https://www.exploit-db.com/exploits/23610
exploitdb WORKING POC VERIFIED
by pask · bashlocalunix
https://www.exploit-db.com/exploits/23609

References (6)

Scores

EPSS 0.0020
EPSS Percentile 41.9%

Details

Status published
Products (3)
ibm/informix_dynamic_server 9.40.uc1
ibm/informix_dynamic_server 9.40.uc2
ibm/informix_extended_parallel_server 8.40_uc1
Published Jan 27, 2004
Tracked Since Feb 18, 2026