Multiple integer overflows in setnet32.exe 3.50.0.13752 in IBM Informix Client SDK 3.0 and 3.50 and Informix Connect Runtime 3.x allow remote attackers to execute arbitrary code via a .nfx file with a crafted (1) HostSize, and possibly (2) ProtoSize and (3) ServerSize, field that triggers a stack-based buffer overflow involving a crafted HostList field. NOTE: some of these details are obtained from third party information.
Vector
NETWORK
Complexity
MEDIUM
Authentication
NONE
Confidentiality
COMPLETE
Integrity
COMPLETE
Availability
COMPLETE
| Advisory | Patch | Confirmed | Link |
|---|---|---|---|
| informix-nfx-bo(53644) | |||
| ADV-2009-2834 | |||
| 36588 | |||
| 1022985 | |||
| http://retrogod.altervista.org/9sg_ibm_setnet32.html |