IBM.Informix.Dynamic.Server.SET.ENVIRONMENT.Buffer.Overflow

description-logoDescription

This indicates an attack attempt against a stack buffer overflow vulnerability in
IBM Informix Dynamic Server.
The vulnerability is caused by a boundary error in the oninit process when handling a SET ENVIRONMENT SQL statement. It allows a remote attacker to exploit this vulnerability by sending a specially crafted SQL query to the vulnerable server.

affected-products-logoAffected Products

IBM Informix IDS 11.50.xC1
IBM Informix IDS 11.50
IBM Informix IDS 11.10.xC2W2
IBM Informix IDS 11.10.xC2
IBM Informix IDS 11.10.TC3
IBM Informix IDS 11.10

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Upgrade to the latest version, available from the website.
http://www-01.ibm.com/software/data/informix/

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

SA43212