CVE-2008-0727

Multiple buffer overflows in oninit.exe in IBM Informix Dynamic Server (IDS) 7.x through 11.x allow (1) remote attackers to execute arbitrary code via a long password and (2) remote authenticated users to execute arbitrary code via a long DBPATH value.

Published: Mar 18, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-0727
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 8.5
AV:N/AC:L/Au:S/C:N/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
ibm / informix_dynamic_server	9.40.uc3	9.40.uc3.x
ibm / informix_dynamic_server	7.31.xd8	7.31.xd8.x
ibm / informix_dynamic_server	9.40.uc2	9.40.uc2.x
ibm / informix_dynamic_server	10.0.xc4	10.0.xc4.x
ibm / informix_dynamic_server	7.31.xd9	7.31.xd9.x
ibm / informix_dynamic_server	9.40.tc5	9.40.tc5.x
ibm / informix_dynamic_server	9.40.uc1	9.40.uc1.x
ibm / informix_dynamic_server	9.40.xd8	9.40.xd8.x
ibm / informix_dynamic_server	10.0.xc3	10.0.xc3.x
ibm / informix_dynamic_server	10.0	10.0.x
ibm / informix_dynamic_server	9.40_xc7	9.40_xc7.x
ibm / informix_dynamic_server	10.00.xc7w1	10.00.xc7w1.x
ibm / informix_dynamic_server	9.3	9.3.x
ibm / informix_dynamic_server	11.10.xc2	11.10.xc2.x
ibm / informix_dynamic_server	9.4	9.4.x
ibm / informix_dynamic_server	7.3	7.3.x
ibm / informix_dynamic_server	9.40.uc5	9.40.uc5.x

Vulnerability Database

289,871

CVE-2008-0727