Описание
IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 does not use database creation permissions, which allows remote authenticated users to create arbitrary databases.
IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 does not use database creation permissions, which allows remote authenticated users to create arbitrary databases.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-3861
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28148
- http://secunia.com/advisories/21301
- http://www-1.ibm.com/support/docview.wss?uid=swg21242921
- http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf
- http://www.osvdb.org/27692
- http://www.securityfocus.com/archive/1/443133/100/0/threaded
- http://www.securityfocus.com/archive/1/443192/100/0/threaded
- http://www.securityfocus.com/bid/19264
- http://www.vupen.com/english/advisories/2006/3077
EPSS
Процентиль: 63%
0.00436
Низкий
CVE ID
Связанные уязвимости
nvd
больше 19 лет назад
IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 does not use database creation permissions, which allows remote authenticated users to create arbitrary databases.
EPSS
Процентиль: 63%
0.00436
Низкий