CVE-2009-2753

Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3, allow remote attackers to execute arbitrary code via a crafted parameter size.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ibm:informix_dynamic_server:10.0:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.tc1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc2e:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc3e:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc4e:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc5e:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc6e:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc7e:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc8e:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc9:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc9e:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc10e:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:11.1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:11.10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc1de:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc2e:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc3e:*:*:*:*:*:*:*

History

21 Nov 2024, 01:05

Type Values Removed Values Added
References () http://secunia.com/advisories/38731 - Vendor Advisory () http://secunia.com/advisories/38731 - Vendor Advisory
References () http://securitytracker.com/id?1023669 - () http://securitytracker.com/id?1023669 -
References () http://www.ibm.com/support/docview.wss?uid=swg1IC55329 - () http://www.ibm.com/support/docview.wss?uid=swg1IC55329 -
References () http://www.ibm.com/support/docview.wss?uid=swg1IC55330 - () http://www.ibm.com/support/docview.wss?uid=swg1IC55330 -
References () http://www.securityfocus.com/archive/1/509789/100/0/threaded - () http://www.securityfocus.com/archive/1/509789/100/0/threaded -
References () http://www.securityfocus.com/bid/38471 - () http://www.securityfocus.com/bid/38471 -
References () http://www.vupen.com/english/advisories/2010/0508 - Patch, Vendor Advisory () http://www.vupen.com/english/advisories/2010/0508 - Patch, Vendor Advisory
References () http://www.zerodayinitiative.com/advisories/ZDI-10-022 - () http://www.zerodayinitiative.com/advisories/ZDI-10-022 -

Information

Published : 2010-03-05 16:30

Updated : 2024-11-21 01:05


NVD link : CVE-2009-2753

Mitre link : CVE-2009-2753

CVE.ORG link : CVE-2009-2753


JSON object : View

Products Affected

ibm

  • informix_dynamic_server
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer