Buffer overflow in Ibm Informix_dynamic_server

CVE-2012-4857

Buffer overflow in IBM Informix 11.50 through 11.50.xC9W2 and 11.70 before 11.70.xC7 allows remote authenticated users to execute arbitrary code via a crafted SQL statement.

Vulnerability class: Buffer Overflow

EPSS: 0.076 (92.0th percentile) — read the EPSS interpretation.

Affected products

Ibm Informix_dynamic_server — versions 11.50, 11.50.xc1, 11.50.xc2
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

References

psirt@us.ibm.com (x_refsource_CONFIRM, Vendor Advisory)
1027849 (vdb-entry, x_refsource_SECTRACK)
informix-sql-bo(79737) (vdb-entry, x_refsource_XF)