CVE-2011-1033

EUVD-2011-1049
Stack-based buffer overflow in oninit in IBM Informix Dynamic Server (IDS) 11.50 allows remote attackers to execute arbitrary code via crafted arguments in the USELASTCOMMITTED session environment option in a SQL SET ENVIRONMENT statement.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
ibminformix_dynamic_server
11.50
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ibm
http://secunia.com/advisories/43212
http://securityreason.com/securityalert/8078
http://www.securityfocus.com/archive/1/516250/100/0/threaded
http://www.securityfocus.com/bid/46230
http://www.vupen.com/english/advisories/2011/0309
http://zerodayinitiative.com/advisories/ZDI-11-050/
https://exchange.xforce.ibmcloud.com/vulnerabilities/65209
http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ibm
http://secunia.com/advisories/43212
http://securityreason.com/securityalert/8078
http://www.securityfocus.com/archive/1/516250/100/0/threaded
http://www.securityfocus.com/bid/46230
http://www.vupen.com/english/advisories/2011/0309
http://zerodayinitiative.com/advisories/ZDI-11-050/
https://exchange.xforce.ibmcloud.com/vulnerabilities/65209