CVE-2008-0768

Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in Informix Dynamic Server (IDS) 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary code via crafted XDR requests.

Published: Feb 13, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-0768
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 10
AV:N/AC:L/Au:N/C:C/I:C/A:C

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
ibm / informix_dynamic_server	10.0	10.00.xc8.x
ibm / informix_dynamic_server	11.10	11.10.xc2.x

http://secunia.com/advisories/28689
http://www-01.ibm.com/support/docview.wss?uid=swg21294211
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55040&apar=only
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55041&apar=only
http://www.securityfocus.com/bid/27485
http://www.securitytracker.com/id?1019281
http://www.vupen.com/english/advisories/2008/0317
https://exchange.xforce.ibmcloud.com/vulnerabilities/40018

Vulnerability Database

289,697

CVE-2008-0768