CVE-2006-3860
N/A
N/A
Summary
IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows allows remote authenticated users to execute arbitrary commands via the (1) "SET DEBUG FILE" SQL command, and the (2) start_onpload and (3) dbexp functions.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.osvdb.org/27686
- http://www-1.ibm.com/support/docview.wss?uid=swg21242921
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28121
- http://securityreason.com/securityalert/1407
- http://www.securityfocus.com/archive/1/443133/100/0/threaded
- http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28124
- http://secunia.com/advisories/21301
- http://www.securityfocus.com/bid/19264
- http://www.securityfocus.com/archive/1/443185/100/0/threaded
- http://www.vupen.com/english/advisories/2006/3077
References
- http://www.osvdb.org/27686
- http://www-1.ibm.com/support/docview.wss?uid=swg21242921
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28121
- http://securityreason.com/securityalert/1407
- http://www.securityfocus.com/archive/1/443133/100/0/threaded
- http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28124
- http://secunia.com/advisories/21301
- http://www.securityfocus.com/bid/19264
- http://www.securityfocus.com/archive/1/443185/100/0/threaded
- http://www.vupen.com/english/advisories/2006/3077
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.