CVE-2008-0768

Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in Informix Dynamic Server (IDS) 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary code via crafted XDR requests.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://secunia.com/advisories/28689	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21294211	Vendor Advisory
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55040&apar=only	Vendor Advisory
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55041&apar=only	Vendor Advisory
http://www.securityfocus.com/bid/27485	Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1019281	Third Party Advisory VDB Entry
http://www.vupen.com/english/advisories/2008/0317	Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/40018	Third Party Advisory VDB Entry
http://secunia.com/advisories/28689	Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21294211	Vendor Advisory
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55040&apar=only	Vendor Advisory
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55041&apar=only	Vendor Advisory
http://www.securityfocus.com/bid/27485	Third Party Advisory VDB Entry
http://www.securitytracker.com/id?1019281	Third Party Advisory VDB Entry
http://www.vupen.com/english/advisories/2008/0317	Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/40018	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

AND

OR	cpe:2.3:a:ibm:informix_dynamic_server::::::::
	cpe:2.3:a:ibm:informix_dynamic_server::::::::
	cpe:2.3:a:ibm:informix_storage_manager:-:::::::*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

21 Nov 2024, 00:42

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/28689 - Third Party Advisory~~	() http://secunia.com/advisories/28689 - Third Party Advisory
References	~~() http://www-01.ibm.com/support/docview.wss?uid=swg21294211 - Vendor Advisory~~	() http://www-01.ibm.com/support/docview.wss?uid=swg21294211 - Vendor Advisory
References	~~() http://www-1.ibm.com/support/search.wss?rs=0&q=IC55040&apar=only - Vendor Advisory~~	() http://www-1.ibm.com/support/search.wss?rs=0&q=IC55040&apar=only - Vendor Advisory
References	~~() http://www-1.ibm.com/support/search.wss?rs=0&q=IC55041&apar=only - Vendor Advisory~~	() http://www-1.ibm.com/support/search.wss?rs=0&q=IC55041&apar=only - Vendor Advisory
References	~~() http://www.securityfocus.com/bid/27485 - Third Party Advisory, VDB Entry~~	() http://www.securityfocus.com/bid/27485 - Third Party Advisory, VDB Entry
References	~~() http://www.securitytracker.com/id?1019281 - Third Party Advisory, VDB Entry~~	() http://www.securitytracker.com/id?1019281 - Third Party Advisory, VDB Entry
References	~~() http://www.vupen.com/english/advisories/2008/0317 - Permissions Required~~	() http://www.vupen.com/english/advisories/2008/0317 - Permissions Required
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/40018 - Third Party Advisory, VDB Entry~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/40018 - Third Party Advisory, VDB Entry

Information

Published : 2008-02-13 22:00

Updated : 2024-11-21 00:42

NVD link : CVE-2008-0768

Mitre link : CVE-2008-0768

CVE.ORG link : CVE-2008-0768

JSON object : View

Products Affected

microsoft

windows

ibm

informix_dynamic_server
informix_storage_manager

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

10.0 /10