Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2006-3857
HistoryAug 08, 2006 - 10:04 p.m.

CVE-2006-3857

2006-08-0822:04:00
mitre
web.nvd.nist.gov
25
ibm
informix
dynamic server
buffer overflow
remote code execution
security vulnerability
cve-2006-3857

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.028

Percentile

90.7%

JSON

Multiple buffer overflows in IBM Informix Dynamic Server (IDS) before 9.40.TC6 and 10.00 before 10.00.TC3 allow remote authenticated users to execute arbitrary code via (1) the getname function, as used by (a) _sq_remview, (b) _sq_remproc, © _sq_remperms, (d) _sq_distfetch, and (e) _sq_dcatalog; and the (2) SET DEBUG FILE, (3) IFX_FILE_TO_FILE, (4) FILETOCLOB, (5) LOTOFILE, and (6) DBINFO functions (product defect IDs 171649, 171367, 171387, 171391, 171906, 172179).

Affected configurations

Nvd
Node
ibminformix_dynamic_database_serverMatch9.3
OR
ibminformix_dynamic_database_serverMatch9.40.tc1
OR
ibminformix_dynamic_database_serverMatch9.40.tc2
OR
ibminformix_dynamic_database_serverMatch9.40.tc3
OR
ibminformix_dynamic_database_serverMatch9.40.tc4
OR
ibminformix_dynamic_database_serverMatch9.40.tc5
OR
ibminformix_dynamic_database_serverMatch9.40.uc1
OR
ibminformix_dynamic_database_serverMatch9.40.uc2
OR
ibminformix_dynamic_database_serverMatch9.40.uc3
OR
ibminformix_dynamic_database_serverMatch10.00.tc1
OR
ibminformix_dynamic_database_serverMatch10.00.tc2
VendorProductVersionCPE
ibminformix_dynamic_database_server9.3cpe:2.3:a:ibm:informix_dynamic_database_server:9.3:*:*:*:*:*:*:*
ibminformix_dynamic_database_server9.40.tc1cpe:2.3:a:ibm:informix_dynamic_database_server:9.40.tc1:*:*:*:*:*:*:*
ibminformix_dynamic_database_server9.40.tc2cpe:2.3:a:ibm:informix_dynamic_database_server:9.40.tc2:*:*:*:*:*:*:*
ibminformix_dynamic_database_server9.40.tc3cpe:2.3:a:ibm:informix_dynamic_database_server:9.40.tc3:*:*:*:*:*:*:*
ibminformix_dynamic_database_server9.40.tc4cpe:2.3:a:ibm:informix_dynamic_database_server:9.40.tc4:*:*:*:*:*:*:*
ibminformix_dynamic_database_server9.40.tc5cpe:2.3:a:ibm:informix_dynamic_database_server:9.40.tc5:*:*:*:*:*:*:*
ibminformix_dynamic_database_server9.40.uc1cpe:2.3:a:ibm:informix_dynamic_database_server:9.40.uc1:*:*:*:*:*:*:*
ibminformix_dynamic_database_server9.40.uc2cpe:2.3:a:ibm:informix_dynamic_database_server:9.40.uc2:*:*:*:*:*:*:*
ibminformix_dynamic_database_server9.40.uc3cpe:2.3:a:ibm:informix_dynamic_database_server:9.40.uc3:*:*:*:*:*:*:*
ibminformix_dynamic_database_server10.00.tc1cpe:2.3:a:ibm:informix_dynamic_database_server:10.00.tc1:*:*:*:*:*:*:*
Rows per page:
1-10 of 111

Related

cvelist 1
nvd 1
securityvulns 1
checkpoint_advisories 1
nessus 1
cvelist
cvelist
CVE-2006-3857
2006-08-08 22:00:00
nvd
nvd
CVE-2006-3857
2006-08-08 22:04:00
securityvulns
securityvulns
Multiple Buffer Overflow Vulnerabilities in Informix
2006-08-15 00:00:00
checkpoint_advisories
checkpoint_advisories
Update Protection against Multiple MySQL Query Commands Vulnerabilities
2006-11-13 00:00:00
nessus
nessus
Informix Dynamic Server Multiple Remote Vulnerabilities
2006-08-16 00:00:00

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.3

Confidence

Low

EPSS

0.028

Percentile

90.7%

JSON
Related for CVE-2006-3857
cvelist1nvd1securityvulns1checkpoint_advisories1nessus1