Summary
This host has IBM Informix Dynamic Server installed and is prone to a remote code execution vulnerability.
Impact
Successful exploitation could allow remote attackers to execute arbitrary code with SYSTEM-level privileges.
Impact Level: System/Application
Solution
Upgrade to IBM Informix IDS version 11.50.xC8 or later. For updates, refer to http://www-01.ibm.com/software/data/informix/
Insight
The flaw is due to a boundary error in the oninit process bound to TCP port 9088 when processing the arguments to the USELASTCOMMITTED option in a SQL query.
Affected
IBM Informix Dynamic Server (IDS) version 11.50
References
Severity
Classification
- CVE: CVE-2011-1033
- CVSS Base Score: 9.3
- CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C