IBM Informix Dynamic Server 'oninit.exe' Buffer Overflow Vulnerability (Windows)

Summary
This host is installed with IBM Informix Dynamic Server and is prone to buffer overflow vulnerability.
Impact
Successful exploitation could allow remote attackers to execute arbitrary code with SYSTEM-level privileges. Impact Level: System/Application
Solution
Upgrade to IBM Informix IDS version 11.50.xC1, 11.10.xC2W2 or later. For updates refer to http://www-01.ibm.com/software/data/informix/
Insight
The flaw is due to a boundary error within the logging function in oninit.exe and can be exploited to cause a stack-based buffer overflow by sending a specially crafted request to TCP ports 9088 or 1526.
Affected
IBM Informix Dynamic Server (IDS) 11.10 before 11.10.xC2W2 and 11.50 before 11.50.xC1
References