CVE-2010-4053: Buffer Overflow
First published: Sat Oct 23 2010(Updated: )
Stack-based buffer overflow in an unspecified logging function in oninit.exe in IBM Informix Dynamic Server (IDS) 11.10 before 11.10.xC2W2 and 11.50 before 11.50.xC1 allows remote authenticated users to execute arbitrary code via a crafted EXPLAIN directive, aka idsdb00154125 and idsdb00154243.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Informix Dynamic Database Server | =11.10 | |
| IBM Informix Dynamic Database Server | =11.50 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2010-4053?
CVE-2010-4053 is rated as a high severity vulnerability due to the potential for remote code execution.
How do I fix CVE-2010-4053?
To fix CVE-2010-4053, upgrade IBM Informix Dynamic Server to versions 11.10.xC2W2 or later for 11.10 and to 11.50.xC1 or later for 11.50.
What is affected by CVE-2010-4053?
CVE-2010-4053 affects IBM Informix Dynamic Server versions 11.10 before 11.10.xC2W2 and 11.50 before 11.50.xC1.
Who can exploit CVE-2010-4053?
CVE-2010-4053 can be exploited by remote authenticated users who can manipulate the EXPLAIN directive.
What type of vulnerability is CVE-2010-4053?
CVE-2010-4053 is a stack-based buffer overflow vulnerability that allows execution of arbitrary code.
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/severity
- agent/weakness
- agent/references
- agent/author
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/ibm
- canonical/ibm informix dynamic database server
- version/ibm informix dynamic database server/11.10
- version/ibm informix dynamic database server/11.50