Skip to main content

Informix Dynamic Server CVE-2017-1310

MEDIUM
Buffer Overflow (CWE-119)
2017-06-29 psirt@us.ibm.com
6.5
CVSS 3.0 · NVD
Share

Severity by source

NVD PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Jun 29, 2017 - 13:29 cve.org
MEDIUM 6.5

DescriptionCVE.org

IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow that would write large assertion fail files to the server. Done enough times, this could use large parts of the file system and cause the server to crash. IBM X-Force ID: 125569.

AnalysisAI

IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow that would write large assertion fail files to the server. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow that would write large assertion fail files to the server. Done enough times, this could use large parts of the file system and cause the server to crash. IBM X-Force ID: 125569. Affected products include: Ibm Informix Dynamic Server.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2012-3334 CRITICAL
9.0 Sep 25

Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 11.50 before 11.50.xC9W2 and 11.70 before 11.70.xC5 all

CVE-2012-4857 CRITICAL
9.0 Dec 08

Buffer overflow in IBM Informix 11.50 through 11.50.xC9W2 and 11.70 before 11.70.xC7 allows remote authenticated users t

CVE-2024-45675 HIGH
8.4 Dec 02

CVE-2024-45675 is a security vulnerability (CVSS 8.4) that allows a local user. High severity vulnerability requiring pr

CVE-2016-0226 HIGH
7.8 Mar 28

The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the (

CVE-2023-28523 HIGH
7.8 Dec 09

IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds

CVE-2020-4799 HIGH
7.8 Oct 08

IBM Informix spatial 14.10 could allow a local user to execute commands as a privileged user due to an out of bounds wri

CVE-2019-4253 HIGH
7.8 Aug 20

IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local privileged Informix user to load a malicious sha

CVE-2025-1991 HIGH
7.5 Jun 28

IBM Informix Dynamic Server 12.10,14.10, and15.0 could allow a remote attacker to cause a denial of service due to an in

CVE-2017-1508 MEDIUM
6.7 Sep 13

IBM Informix Dynamic Server 12.1 could allow a local user logged in with database administrator user to gain root privil

CVE-2021-20515 MEDIUM
6.7 Apr 30

IBM Informix Dynamic Server 14.10 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. Ra

CVE-2023-28527 MEDIUM
5.5 Dec 09

IBM Informix Dynamic Server 12.10 and 14.10 cdr is vulnerable to a heap buffer overflow, caused by improper bounds check

CVE-2023-28526 MEDIUM
5.5 Dec 09

IBM Informix Dynamic Server 12.10 and 14.10 archecker is vulnerable to a heap buffer overflow, caused by improper bounds

Share

CVE-2017-1310 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy