Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2008-0768

Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in Informix Dynamic Server (IDS) 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary code via crafted XDR requests.

Published

2008-02-13T22:00:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 10.0 (HIGH)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE

Exploitability Score

10.0

Impact Score

10.0

Weaknesses

Type: Primary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ibm	informix_dynamic_server	≤ 10.00.xc8	Yes
Application	ibm	informix_dynamic_server	≤ 11.10.xc2	Yes
Application	ibm	informix_storage_manager	-	Yes
Operating System	microsoft	windows	-	No

References

http://secunia.com/advisories/28689 Third Party Advisory ([email protected])
http://www-01.ibm.com/support/docview.wss?uid=swg21294211 Vendor Advisory ([email protected])
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55040&apar=only Vendor Advisory ([email protected])
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55041&apar=only Vendor Advisory ([email protected])
http://www.securityfocus.com/bid/27485 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id?1019281 Third Party Advisory, VDB Entry ([email protected])
http://www.vupen.com/english/advisories/2008/0317 Permissions Required ([email protected])
https://exchange.xforce.ibmcloud.com/vulnerabilities/40018 Third Party Advisory, VDB Entry ([email protected])
http://secunia.com/advisories/28689 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www-01.ibm.com/support/docview.wss?uid=swg21294211 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55040&apar=only Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55041&apar=only Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/27485 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1019281 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2008/0317 Permissions Required (af854a3a-2127-422b-91ae-364da2661108)
https://exchange.xforce.ibmcloud.com/vulnerabilities/40018 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)