Vulnerabilities > IBM > Informix Dynamic Server > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-20 | CVE-2018-1630 | Link Following vulnerability in IBM Informix Dynamic Server 12.1 IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onmode. | 6.7 |
| 2017-09-13 | CVE-2017-1508 | Unspecified vulnerability in IBM Informix Dynamic Server 12.10 IBM Informix Dynamic Server 12.1 could allow a local user logged in with database administrator user to gain root privileges. | 6.8 |
| 2017-06-29 | CVE-2017-1310 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Informix Dynamic Server 12.10 IBM Informix Dynamic Server 12.1 could allow an authenticated user to cause a buffer overflow that would write large assertion fail files to the server. | 4.0 |
| 2016-03-28 | CVE-2016-0226 | Improper Access Control vulnerability in IBM Informix Dynamic Server 11.70.Xcn The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the (1) nsrd, (2) nsrexecd, and (3) portmap executable files, which allows local users to gain privileges via a Trojan horse file. | 6.9 |
| 2009-09-29 | CVE-2009-3470 | Resource Management Errors vulnerability in IBM Informix Dynamic Server IBM Informix Dynamic Server (IDS) 10.00 before 10.00.xC11, 11.10 before 11.10.xC4, and 11.50 before 11.50.xC5 allows remote attackers to cause a denial of service (memory corruption, assertion failure, and daemon crash) by sending a long password over a JDBC connection. | 5.0 |
| 2008-01-19 | CVE-2008-0369 | Local Privilege Escalation vulnerability in IBM Informix Dynamic Server 10.00 Multiple unspecified programs in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allow local users to create arbitrary files by specifying the target file in the SQLIDEBUG environment variable, whose ownership is changed to the user invoking the programs. local ibm | 6.9 |
| 2007-11-14 | CVE-2007-5957 | Multiple vulnerability in IBM Informix Dynamic Server Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.00.TC3TL and 11.10.TB4TL on Windows allows attackers to cause a denial of service (application crash) via unspecified SQ_ONASSIST requests. | 4.9 |
| 2006-11-03 | CVE-2006-5664 | Local Security vulnerability in IBM products The installation script in IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 allows local users to "compromise security" via a symlink attack on temporary files. | 4.6 |
| 2006-11-03 | CVE-2006-5663 | Local Security vulnerability in IBM products IBM Informix Dynamic Server 10.00, Informix Client Software Development Kit (CSDK) 2.90, and Informix I-Connect 2.90 use insecure permissions for installation scripts, which allows local users to gain privileges by modifying the scripts. | 4.6 |
| 2006-08-08 | CVE-2006-3861 | Multiple vulnerability in IBM Informix Dynamic Server IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 does not use database creation permissions, which allows remote authenticated users to create arbitrary databases. | 4.0 |