IBM Informix Products Setnet32 Utility '.nfx' File Buffer Overflow Vulnerability

Multiple IBM Informix products are prone to a buffer-overflow vulnerability because the software fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.

This issue affects the following:

IBM Informix Client Software Development Kit (CSDK) 3.5
IBM Informix Connect 3.x

Other products that use the Setnet32 utility may also be vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus