Buffer overflow in Ibm Informix_dynamic_server

CVE-2012-3334

Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 11.50 before 11.50.xC9W2 and 11.70 before 11.70.xC5 allows remote authenticated users to execute arbitrary code via crafted arguments in a SET COLLATION statement.

Vulnerability class: Buffer Overflow

EPSS: 0.065 (91.3th percentile) — read the EPSS interpretation.

Affected products

Ibm Informix_dynamic_server — versions 11.50, 11.50.xc1, 11.50.xc2
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

ids-setcollation-bo(78277) (vdb-entry, x_refsource_XF)
psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
85736 (x_refsource_OSVDB, vdb-entry)
55668 (vdb-entry, x_refsource_BID)