IBM Informix Dynamic Server Vulnerability Details Released
IBM has published details on a vulnerability in its Informix Dynamic Server product. According to the article, the vulnerabability is remotely exploitable, although no public exploit code yet exists.
From the link below:
The specific flaw exists within the oninit.exe process bound by default to TCP port 9088 or 1526. A lack of sanity checking within a logging function can result in a stack based buffer overflow leading to arbitrary code execution under the context of the SYSTEM user.
Fixes are available in 11.50.xC1 and 11.10.xC2W2.