CVE-2002-0555

Published Jul 3, 2002

Last updated 16 years ago

Overview

Description: IBM Informix Web DataBlade 4.12 unescapes user input even if an application has escaped it, which could allow remote attackers to execute SQL code in a web form even when the developer has attempted to escape it.
Source: cve@mitre.org
NVD status: Analyzed

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:informix_web_datablade:4.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C54E0F87-144A-471B-B947-D6C50E4B021C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_web_datablade:4.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "280BF016-9B3D-471B-ADA6-A6112A0FD018"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_web_datablade:4.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BA4F7156-5B59-412F-ACFC-8594E43B3CDF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_web_datablade:4.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DFA57559-7E04-43CB-BA5E-8E963BCF7F68"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References