CVE-2010-4069

IBM Informix Dynamic Server Buffer Overflow via DBINFO Keyword Arguments

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x through 7.31, 9.x through 9.40, 10.00 before 10.00.xC10, 11.10 before 11.10.xC3, and 11.50 before 11.50.xC3 allows remote authenticated users to execute arbitrary code via long DBINFO keyword arguments in a SQL statement, aka idsdb00165017, idsdb00165019, idsdb00165021, idsdb00165022, and idsdb00165023.

References (4)

Core 4
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-10-217/
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/2735
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/68707
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/41914

Scores

EPSS 0.0394
EPSS Percentile 89.2%

Details

CWE
CWE-119
Status published
Products (29)
ibm/informix_dynamic_server 7.31
ibm/informix_dynamic_server 9.40.tc5
ibm/informix_dynamic_server 9.40.uc1
ibm/informix_dynamic_server 9.40.uc2
ibm/informix_dynamic_server 9.40.uc3
ibm/informix_dynamic_server 9.40.uc5
ibm/informix_dynamic_server 9.40.xc5
ibm/informix_dynamic_server 9.40.xc7
ibm/informix_dynamic_server 10.00
ibm/informix_dynamic_server 10.00.tc3tl
... and 19 more
Published Oct 25, 2010
Tracked Since Feb 18, 2026