CVE-2017-1310

MEDIUM

Description

IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow that would write large assertion fail files to the server. Done enough times, this could use large parts of the file system and cause the server to crash. IBM X-Force ID: 125569.

References

http://www.ibm.com/support/docview.wss?uid=swg22004930

http://www.securityfocus.com/bid/99309

http://www.securitytracker.com/id/1038803

https://exchange.xforce.ibmcloud.com/vulnerabilities/125569

Details

Source: MITRE

Published: 2017-06-29

Updated: 2017-07-07

Type: CWE-119

Risk Information

CVSS v2.0

Base Score: 4

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8

Severity: MEDIUM

CVSS v3.0

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.8

Severity: MEDIUM

Tenable Plugins

View all (1 total)

ID	Name	Product	Family	Severity
100380	IBM Informix Dynamic Server 11.50.xCn < 11.50.xC9 / 11.70.xCn < 11.70.xC9 / 12.10.xCn < 12.10.xC8W2 Multiple Vulnerabilities (SWEET32)	Nessus	Databases	critical