Skip to main content

IBM Informix Client and Connect ".nfx" File Buffer Overflow Vulnerability

Last Update Date: 28 Jan 2011 Release Date: 6 Oct 2009 4803 Views

RISK: Medium Risk

A vulnerability has been identified in IBM Informix Client and Informix Connect, which could be exploited by attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error in the SetNet32 utility when processing a ".nfx" file containing a malformed field (e.g. "HostSize"), which could be exploited by attackers to crash an affected application or execute arbitrary code via a specially crafted file.


Impact

  • Remote Code Execution

System / Technologies affected

  • IBM Informix Client SDK versions 3.x

  • IBM Informix Connect Runtime versions 3.x


Solutions

There is no patch available for this vulnerability currently.


Vulnerability Identifier

  • No CVE information is available

Source


Related Link