CVE-2018-1635: Buffer Overflow
First published: Tue Aug 20 2019(Updated: )
Stack-based buffer overflow in oninit in IBM Informix Dynamic Server Enterprise Edition 12.1 allows an authenticated user to execute predefined code with root privileges, such as escalating to a root shell. IBM X-Force ID: 144439.
Credit: psirt@us.ibm.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM Informix Dynamic Server | =12.10-fc1 | |
| IBM Informix Dynamic Server | =12.10-fc10 | |
| IBM Informix Dynamic Server | =12.10-fc11 | |
| IBM Informix Dynamic Server | =12.10-fc12 | |
| IBM Informix Dynamic Server | =12.10-fc2 | |
| IBM Informix Dynamic Server | =12.10-fc3 | |
| IBM Informix Dynamic Server | =12.10-fc4 | |
| IBM Informix Dynamic Server | =12.10-fc5 | |
| IBM Informix Dynamic Server | =12.10-fc6 | |
| IBM Informix Dynamic Server | =12.10-fc7 | |
| IBM Informix Dynamic Server | =12.10-fc8 | |
| IBM Informix Dynamic Server | =12.10-fc9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2018-1635?
CVE-2018-1635 is a vulnerability in IBM Informix Dynamic Server Enterprise Edition 12.1 that allows an authenticated user to execute predefined code with root privileges.
How can an attacker exploit CVE-2018-1635?
An attacker can exploit CVE-2018-1635 by leveraging a stack-based buffer overflow in the 'oninit' function of IBM Informix Dynamic Server.
What is the severity of CVE-2018-1635?
CVE-2018-1635 has a severity rating of 6.7 (high).
How can I fix CVE-2018-1635?
To fix CVE-2018-1635, apply the necessary patches and updates provided by IBM.
Where can I find more information about CVE-2018-1635?
You can find more information about CVE-2018-1635 on the IBM support website and IBM X-Force ID: 144439.
- collector/nvd-index
- vendor/ibm
- product/informix dynamic server
- canonical/ibm informix dynamic server