Vulnerability Description
Stack-based buffer overflow in oninit in IBM Informix Dynamic Server (IDS) 11.50 allows remote attackers to execute arbitrary code via crafted arguments in the USELASTCOMMITTED session environment option in a SQL SET ENVIRONMENT statement.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ibm | Informix Dynamic Server | 11.50 |
Related Weaknesses (CWE)
References
- http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ibm
- http://secunia.com/advisories/43212Vendor Advisory
- http://securityreason.com/securityalert/8078
- http://www.securityfocus.com/archive/1/516250/100/0/threaded
- http://www.securityfocus.com/bid/46230
- http://www.vupen.com/english/advisories/2011/0309Vendor Advisory
- http://zerodayinitiative.com/advisories/ZDI-11-050/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/65209
- http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-ibm
- http://secunia.com/advisories/43212Vendor Advisory
- http://securityreason.com/securityalert/8078
- http://www.securityfocus.com/archive/1/516250/100/0/threaded
- http://www.securityfocus.com/bid/46230
- http://www.vupen.com/english/advisories/2011/0309Vendor Advisory
- http://zerodayinitiative.com/advisories/ZDI-11-050/
FAQ
What is CVE-2011-1033?
CVE-2011-1033 is a vulnerability with a CVSS score of 9.3 (HIGH). Stack-based buffer overflow in oninit in IBM Informix Dynamic Server (IDS) 11.50 allows remote attackers to execute arbitrary code via crafted arguments in the USELASTCOMMITTED session environment opt...
How severe is CVE-2011-1033?
CVE-2011-1033 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1033?
Check the references section above for vendor advisories and patch information. Affected products include: Ibm Informix Dynamic Server.