mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
112 lines
3.8 KiB
JSON
112 lines
3.8 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2006-3860",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 allows allows remote authenticated users to execute arbitrary commands via the (1) \"SET DEBUG FILE\" SQL command, and the (2) start_onpload and (3) dbexp functions."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "27686",
|
|
"refsource": "OSVDB",
|
|
"url": "http://www.osvdb.org/27686"
|
|
},
|
|
{
|
|
"name": "http://www-1.ibm.com/support/docview.wss?uid=swg21242921",
|
|
"refsource": "CONFIRM",
|
|
"url": "http://www-1.ibm.com/support/docview.wss?uid=swg21242921"
|
|
},
|
|
{
|
|
"name": "informix-sysmaster-command-execution(28121)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28121"
|
|
},
|
|
{
|
|
"name": "1407",
|
|
"refsource": "SREASON",
|
|
"url": "http://securityreason.com/securityalert/1407"
|
|
},
|
|
{
|
|
"name": "20060814 Informix - Discovery, Attack and Defense",
|
|
"refsource": "BUGTRAQ",
|
|
"url": "http://www.securityfocus.com/archive/1/443133/100/0/threaded"
|
|
},
|
|
{
|
|
"name": "http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf",
|
|
"refsource": "MISC",
|
|
"url": "http://www.databasesecurity.com/informix/DatabaseHackersHandbook-AttackingInformix.pdf"
|
|
},
|
|
{
|
|
"name": "informix-setdebug-command-execution(28124)",
|
|
"refsource": "XF",
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28124"
|
|
},
|
|
{
|
|
"name": "21301",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/21301"
|
|
},
|
|
{
|
|
"name": "19264",
|
|
"refsource": "BID",
|
|
"url": "http://www.securityfocus.com/bid/19264"
|
|
},
|
|
{
|
|
"name": "20060814 Multiple Arbitrary Command Execution Vulnerabilities",
|
|
"refsource": "BUGTRAQ",
|
|
"url": "http://www.securityfocus.com/archive/1/443185/100/0/threaded"
|
|
},
|
|
{
|
|
"name": "ADV-2006-3077",
|
|
"refsource": "VUPEN",
|
|
"url": "http://www.vupen.com/english/advisories/2006/3077"
|
|
}
|
|
]
|
|
}
|
|
} |