What is the severity of CVE-2012-4857?

CVE-2012-4857 has a critical severity level due to its potential to allow remote code execution.

How do I fix CVE-2012-4857?

To fix CVE-2012-4857, upgrade IBM Informix to a patched version that addresses the buffer overflow vulnerability.

Who is affected by CVE-2012-4857?

CVE-2012-4857 affects IBM Informix Dynamic Server versions 11.50 through 11.50.xC9W2 and 11.70 before 11.70.xC7.

What type of vulnerability is CVE-2012-4857?

CVE-2012-4857 is classified as a buffer overflow vulnerability that can be exploited by remote authenticated users.

What are the potential impacts of CVE-2012-4857?

Potential impacts of CVE-2012-4857 include unauthorized remote code execution and potential compromise of the affected system.

Vulnerability/
CVE-2012-4857

critical

CWE

119

8/12/2012

29/8/2017

CVE-2012-4857: Buffer Overflow

First published: Sat Dec 08 2012(Updated: )

Buffer overflow in IBM Informix 11.50 through 11.50.xC9W2 and 11.70 before 11.70.xC7 allows remote authenticated users to execute arbitrary code via a crafted SQL statement.

Credit: psirt@us.ibm.com

Affected Software	Affected Version	How to fix
IBM Informix Dynamic Database Server	=11.50
IBM Informix Dynamic Database Server	=11.50.xc1
IBM Informix Dynamic Database Server	=11.50.xc2
IBM Informix Dynamic Database Server	=11.50.xc3
IBM Informix Dynamic Database Server	=11.50.xc3w1
IBM Informix Dynamic Database Server	=11.50.xc4
IBM Informix Dynamic Database Server	=11.50.xc4w1
IBM Informix Dynamic Database Server	=11.50.xc5
IBM Informix Dynamic Database Server	=11.50.xc5w2
IBM Informix Dynamic Database Server	=11.50.xc5w3
IBM Informix Dynamic Database Server	=11.50.xc5w4
IBM Informix Dynamic Database Server	=11.50.xc6
IBM Informix Dynamic Database Server	=11.50.xc6w1
IBM Informix Dynamic Database Server	=11.50.xc6w2
IBM Informix Dynamic Database Server	=11.50.xc6w3
IBM Informix Dynamic Database Server	=11.50.xc6w4
IBM Informix Dynamic Database Server	=11.50.xc7
IBM Informix Dynamic Database Server	=11.50.xc7w1
IBM Informix Dynamic Database Server	=11.50.xc7w2
IBM Informix Dynamic Database Server	=11.50.xc7w3
IBM Informix Dynamic Database Server	=11.50.xc7w4
IBM Informix Dynamic Database Server	=11.50.xc8
IBM Informix Dynamic Database Server	=11.50.xc8w1
IBM Informix Dynamic Database Server	=11.50.xc8w2
IBM Informix Dynamic Database Server	=11.50.xc8w3
IBM Informix Dynamic Database Server	=11.50.xc8w4
IBM Informix Dynamic Database Server	=11.50.xc9
IBM Informix Dynamic Database Server	=11.70.xc1
IBM Informix Dynamic Database Server	=11.70.xc2
IBM Informix Dynamic Database Server	=11.70.xc3

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2012-4857?
CVE-2012-4857 has a critical severity level due to its potential to allow remote code execution.
How do I fix CVE-2012-4857?
To fix CVE-2012-4857, upgrade IBM Informix to a patched version that addresses the buffer overflow vulnerability.
Who is affected by CVE-2012-4857?
CVE-2012-4857 affects IBM Informix Dynamic Server versions 11.50 through 11.50.xC9W2 and 11.70 before 11.70.xC7.
What type of vulnerability is CVE-2012-4857?
CVE-2012-4857 is classified as a buffer overflow vulnerability that can be exploited by remote authenticated users.
What are the potential impacts of CVE-2012-4857?
Potential impacts of CVE-2012-4857 include unauthorized remote code execution and potential compromise of the affected system.

agent/type
agent/last-modified-date
agent/first-publish-date
agent/references
agent/weakness
agent/severity
agent/author
agent/softwarecombine
agent/description
agent/tags
agent/event
collector/nvd-index
agent/software-canonical-lookup-request
vendor/ibm
canonical/ibm informix dynamic database server
version/ibm informix dynamic database server/11.50
version/ibm informix dynamic database server/11.50.xc1
version/ibm informix dynamic database server/11.50.xc2
version/ibm informix dynamic database server/11.50.xc3
version/ibm informix dynamic database server/11.50.xc3w1
version/ibm informix dynamic database server/11.50.xc4
version/ibm informix dynamic database server/11.50.xc4w1
version/ibm informix dynamic database server/11.50.xc5
version/ibm informix dynamic database server/11.50.xc5w2
version/ibm informix dynamic database server/11.50.xc5w3
version/ibm informix dynamic database server/11.50.xc5w4
version/ibm informix dynamic database server/11.50.xc6
version/ibm informix dynamic database server/11.50.xc6w1
version/ibm informix dynamic database server/11.50.xc6w2
version/ibm informix dynamic database server/11.50.xc6w3
version/ibm informix dynamic database server/11.50.xc6w4
version/ibm informix dynamic database server/11.50.xc7
version/ibm informix dynamic database server/11.50.xc7w1
version/ibm informix dynamic database server/11.50.xc7w2
version/ibm informix dynamic database server/11.50.xc7w3
version/ibm informix dynamic database server/11.50.xc7w4
version/ibm informix dynamic database server/11.50.xc8
version/ibm informix dynamic database server/11.50.xc8w1
version/ibm informix dynamic database server/11.50.xc8w2
version/ibm informix dynamic database server/11.50.xc8w3
version/ibm informix dynamic database server/11.50.xc8w4
version/ibm informix dynamic database server/11.50.xc9
version/ibm informix dynamic database server/11.70.xc1
version/ibm informix dynamic database server/11.70.xc2
version/ibm informix dynamic database server/11.70.xc3