返回 CVE 浏览器

CVE-2008-0768

CRITICAL

10.0

CVSS Severity Score

EPSS Score0.1600%

EPSS Percentile12.07th

Published2008年2月13日

Last Modified2026年4月23日

Vulnerability Description

Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in Informix Dynamic Server (IDS) 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary code via crafted XDR requests.

Affected Platforms (CPE)

📦

Ibm

Informix Dynamic Server

>= 10.0 and <= 10.00.xc8

📦

Ibm

Informix Dynamic Server

>= 11.10 and <= 11.10.xc2

📦

Ibm

Informix Storage Manager

All versions

References & Advisories

🔗 http://secunia.com/advisories/28689

🔗 http://www-01.ibm.com/support/docview.wss?uid=swg21294211

🔗 http://www-1.ibm.com/support/search.wss?rs=0&q=IC55040&apar=only

🔗 http://www-1.ibm.com/support/search.wss?rs=0&q=IC55041&apar=only

🔗 http://www.securityfocus.com/bid/27485

🔗 http://www.securitytracker.com/id?1019281

🔗 http://www.vupen.com/english/advisories/2008/0317

🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/40018

相关漏洞威胁

CVE-2009-275310.0

Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper servi...

CVE-2009-275410.0

Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper servic...

CVE-2008-094910.0

Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 7.x through 11.x allows remote attackers to gain privileges via a m...

CVE-2010-407010.0

Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic ...