CVE-2006-3857

NONECVSS 0.0

0.0

Multiple buffer overflows in IBM Informix Dynamic Server (IDS) before 9.40.TC6 and 10.00 before 10.00.TC3 allow remote authenticated users to execute arbitrary code via (1) the getname function, as used by (a) _sq_remview, (b) _sq_remproc, (c) _sq_remperms, (d) _sq_distfetch, and (e) _sq_dcatalog; and the (2) SET DEBUG FILE, (3) IFX_FILE_TO_FILE, (4) FILETOCLOB, (5) LOTOFILE, and (6) DBINFO functions (product defect IDs 171649, 171367, 171387, 171391, 171906, 172179).

🔗 References (38)

cve@mitrehttp://secunia.com/advisories/21301
cve@mitrehttp://www-1.ibm.com/support/docview.wss?uid=swg21242921
cve@mitrehttp://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf
cve@mitrehttp://www.osvdb.org/27681
cve@mitrehttp://www.osvdb.org/27682
cve@mitrehttp://www.osvdb.org/27683
cve@mitrehttp://www.osvdb.org/27687
cve@mitrehttp://www.osvdb.org/27688
cve@mitrehttp://www.osvdb.org/27693
cve@mitrehttp://www.securityfocus.com/archive/1/443133/100/0/threaded
cve@mitrehttp://www.securityfocus.com/archive/1/443210/100/0/threaded
cve@mitrehttp://www.securityfocus.com/bid/19264
cve@mitrehttp://www.vupen.com/english/advisories/2006/3077
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/28118
cve@mitrehttps://exchange.xforce.ibmcloud.com/vulnerabilities/28119

Is Your Infrastructure Affected by CVE-2006-3857?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2006-3857

📅 Published

🔄 Last Modified

🔗 References (38)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2006-3857?