CVE-2010-4069
IBM Informix Dynamic Server Buffer Overflow via DBINFO Keyword Arguments
Title source: llmDescription
Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x through 7.31, 9.x through 9.40, 10.00 before 10.00.xC10, 11.10 before 11.10.xC3, and 11.50 before 11.50.xC3 allows remote authenticated users to execute arbitrary code via long DBINFO keyword arguments in a SQL statement, aka idsdb00165017, idsdb00165019, idsdb00165021, idsdb00165022, and idsdb00165023.
References (4)
Core 4
Core References
Third Party Advisory x_refsource_misc
http://www.zerodayinitiative.com/advisories/ZDI-10-217/
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/2735
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/68707
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/41914
Scores
EPSS
0.0394
EPSS Percentile
89.2%
Details
CWE
CWE-119
Status
published
Products (29)
ibm/informix_dynamic_server
7.31
ibm/informix_dynamic_server
9.40.tc5
ibm/informix_dynamic_server
9.40.uc1
ibm/informix_dynamic_server
9.40.uc2
ibm/informix_dynamic_server
9.40.uc3
ibm/informix_dynamic_server
9.40.uc5
ibm/informix_dynamic_server
9.40.xc5
ibm/informix_dynamic_server
9.40.xc7
ibm/informix_dynamic_server
10.00
ibm/informix_dynamic_server
10.00.tc3tl
... and 19 more
Published
Oct 25, 2010
Tracked Since
Feb 18, 2026