Back to search
CVE-2008-0369
Published: Jan 18, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple unspecified programs in IBM Informix Dynamic Server (IDS) 10.x before 10.00.xC8 allow local users to create arbitrary files by specifying the target file in the SQLIDEBUG environment variable, whose ownership is changed to the user invoking the programs.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
27328
vdb-entry
x_refsource_BID
20080131 IBM Informix Dynamic Server SQLIDEBUG File Creation Vulnerability
third-party-advisory
x_refsource_IDEFENSE
28534
third-party-advisory
x_refsource_SECUNIA
ADV-2008-0169
vdb-entry
x_refsource_VUPEN
ibm-ids-onedcu-sqlidebug-unspecified(39751)
vdb-entry
x_refsource_XF
1019237
vdb-entry
x_refsource_SECTRACK
http://www-1.ibm.com/support/docview.wss?uid=swg27011556
x_refsource_CONFIRM
ibm-ids-sqlidebug-unspecified(40009)
vdb-entry
x_refsource_XF
IC54309
vendor-advisory
x_refsource_AIXAPAR
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now