Vulnerability Details CVE-2007-5956
Directory traversal vulnerability in IBM Informix Dynamic Server (IDS) before 10.00.xC7W1 allows local users to gain privileges by referencing modified NLS message files through directory traversal sequences in the DBLANG environment variable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.9%
CVSS Severity
CVSS v2 Score 7.2
References
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=624
- http://secunia.com/advisories/27542
- http://www-1.ibm.com/support/docview.wss?uid=swg1IC54252
- http://www-1.ibm.com/support/docview.wss?uid=swg27011082
- http://www.securityfocus.com/bid/26363
- http://www.vupen.com/english/advisories/2007/3757
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38297
- http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=624
- http://secunia.com/advisories/27542
- http://www-1.ibm.com/support/docview.wss?uid=swg1IC54252
- http://www-1.ibm.com/support/docview.wss?uid=swg27011082
- http://www.securityfocus.com/bid/26363
- http://www.vupen.com/english/advisories/2007/3757
- https://exchange.xforce.ibmcloud.com/vulnerabilities/38297
Products affected by CVE-2007-5956
-
cpe:2.3:a:ibm:informix_dynamic_server:-
-
cpe:2.3:a:ibm:informix_dynamic_server:10.0
-
cpe:2.3:a:ibm:informix_dynamic_server:10.00
-
cpe:2.3:a:ibm:informix_dynamic_server:7.31
-
cpe:2.3:a:ibm:informix_dynamic_server:9.4
-
cpe:2.3:a:ibm:informix_dynamic_server:9.40.tc5
-
cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc1
-
cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc2
-
cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc3
-
cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc5
-
cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc5
-
cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc7