CyberSec.Space Logo
Back to CVE Browser

CVE-2008-0768

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1600%
EPSS Percentile12.07th
PublishedFeb 13, 2008
Last ModifiedApr 23, 2026

Vulnerability Description

Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in Informix Dynamic Server (IDS) 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary code via crafted XDR requests.

Affected Platforms (CPE)

πŸ“¦
Ibm

Informix Dynamic Server

>= 10.0 and <= 10.00.xc8
πŸ“¦
Ibm

Informix Dynamic Server

>= 11.10 and <= 11.10.xc2
πŸ“¦
Ibm

Informix Storage Manager

All versions

References & Advisories

πŸ”— http://secunia.com/advisories/28689
πŸ”— http://www-01.ibm.com/support/docview.wss?uid=swg21294211
πŸ”— http://www-1.ibm.com/support/search.wss?rs=0&q=IC55040&apar=only
πŸ”— http://www-1.ibm.com/support/search.wss?rs=0&q=IC55041&apar=only
πŸ”— http://www.securityfocus.com/bid/27485
πŸ”— http://www.securitytracker.com/id?1019281
πŸ”— http://www.vupen.com/english/advisories/2008/0317
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/40018

Related Vulnerabilities

CVE-2009-275310.0

Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper servi...

CVE-2009-275410.0

Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper servic...

CVE-2008-094910.0

Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 7.x through 11.x allows remote attackers to gain privileges via a m...

CVE-2010-407010.0

Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic ...