CVE-2004-2489

Publication date

2005-10-25 04:00:00

Family

mitre

State

PUBLISHED

Description

Format string vulnerability in IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to execute arbitrary code via a modified INFORMIXDIR environment variable that points to a file with format string specifiers in the filename.