CVE-2006-3861

Published Aug 8, 2006

Last updated 3 months ago

CVSS info 4.0

Overview

Description: IBM Informix Dynamic Server (IDS) before 9.40.xC7 and 10.00 before 10.00.xC3 does not use database creation permissions, which allows remote authenticated users to create arbitrary databases.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 4
Impact score: 2.9
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:N/I:P/A:N

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Hype score: Not currently trending

Evaluator

Comment: -
Impact: -
Solution: -

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:7.31:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45A93A4B-8AB8-4BC7-9253-8DDA9D091C0A"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58A9F81C-C618-435D-9912-0E61EAB02560"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.tc5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE9B0C17-2D85-4729-85EF-2F5C750BF51B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "910D9A17-43A7-4F9E-98E0-2C465AC8BD2F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E61711D-4C3E-4A6D-89A8-85B7CDD7FAE1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2CD7B84-2861-4542-8A08-C668065C8DB4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E64D85E2-AA7E-4704-A2FA-BD69744423CF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "21FF7CE7-A061-425B-A29B-1EC6DEDA2C10"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1716E256-B186-442F-8C4C-9305E0953081"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5634CF97-CBD3-4CA3-8144-2F875FDD3FA4"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Evaluator

Configurations

References