Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-4857

Overview

Vulnerability Score 9.0 9.0
CVE Id CVE-2012-4857
Last Modified 25 Mar 2013 11:39:05
Published 08 Dec 2012 10:55:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-4857

Summary

Buffer overflow in IBM Informix 11.50 through 11.50.xC9W2 and 11.70 before 11.70.xC7 allows remote authenticated users to execute arbitrary code via a crafted SQL statement.

Vulnerable Systems

Application

  • Ibm Informix Dynamic Server 11.50

  • Ibm Informix Dynamic Server 11.50.xc1

  • Ibm Informix Dynamic Server 11.50.xc2

  • Ibm Informix Dynamic Server 11.50.xc3

  • Ibm Informix Dynamic Server 11.50.xc3w1

  • Ibm Informix Dynamic Server 11.50.xc4

  • Ibm Informix Dynamic Server 11.50.xc4w1

  • Ibm Informix Dynamic Server 11.50.xc5

  • Ibm Informix Dynamic Server 11.50.xc5w2

  • Ibm Informix Dynamic Server 11.50.xc5w3

  • Ibm Informix Dynamic Server 11.50.xc5w4

  • Ibm Informix Dynamic Server 11.50.xc6

  • Ibm Informix Dynamic Server 11.50.xc6w1

  • Ibm Informix Dynamic Server 11.50.xc6w2

  • Ibm Informix Dynamic Server 11.50.xc6w3

  • Ibm Informix Dynamic Server 11.50.xc6w4

  • Ibm Informix Dynamic Server 11.50.xc7

  • Ibm Informix Dynamic Server 11.50.xc7w1

  • Ibm Informix Dynamic Server 11.50.xc7w2

  • Ibm Informix Dynamic Server 11.50.xc7w3

  • Ibm Informix Dynamic Server 11.50.xc7w4

  • Ibm Informix Dynamic Server 11.50.xc8

  • Ibm Informix Dynamic Server 11.50.xc8w1

  • Ibm Informix Dynamic Server 11.50.xc8w2

  • Ibm Informix Dynamic Server 11.50.xc8w3

  • Ibm Informix Dynamic Server 11.50.xc8w4

  • Ibm Informix Dynamic Server 11.50.xc9

  • Ibm Informix Dynamic Server 11.70.xc1

  • Ibm Informix Dynamic Server 11.70.xc2

  • Ibm Informix Dynamic Server 11.70.xc3


References

CONFIRM - https://www.ibm.com/support/docview.wss?uid=swg21618994

XF - informix-sql-bo(79737)

SECTRACK - 1027849


Last Updated: 27 May 2016 11:01:27