CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2009-2754

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0400%
EPSS Percentile12.10th
Published2010年3月5日
Last Modified2026年4月29日

Vulnerability Description

Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow.

Affected Platforms (CPE)

📦
Ibm

Informix Dynamic Server

= 10.0
📦
Ibm

Informix Dynamic Server

= 10.0.tc1
📦
Ibm

Informix Dynamic Server

= 10.0.xc1
📦
Ibm

Informix Dynamic Server

= 10.0.xc2e
📦
Ibm

Informix Dynamic Server

= 10.0.xc3
📦
Ibm

Informix Dynamic Server

= 10.0.xc3e
📦
Ibm

Informix Dynamic Server

= 10.0.xc4
📦
Ibm

Informix Dynamic Server

= 10.0.xc4e
📦
Ibm

Informix Dynamic Server

= 10.0.xc5
📦
Ibm

Informix Dynamic Server

= 10.0.xc5e
📦
Ibm

Informix Dynamic Server

= 10.0.xc6
📦
Ibm

Informix Dynamic Server

= 10.0.xc6e
📦
Ibm

Informix Dynamic Server

= 10.0.xc7
📦
Ibm

Informix Dynamic Server

= 10.0.xc7e
📦
Ibm

Informix Dynamic Server

= 10.0.xc8
📦
Ibm

Informix Dynamic Server

= 10.0.xc8e
📦
Ibm

Informix Dynamic Server

= 10.0.xc9
📦
Ibm

Informix Dynamic Server

= 10.0.xc9e
📦
Ibm

Informix Dynamic Server

= 10.0.xc10
📦
Ibm

Informix Dynamic Server

= 10.0.xc10e
📦
Ibm

Informix Dynamic Server

= 11.1
📦
Ibm

Informix Dynamic Server

= 11.10
📦
Ibm

Informix Dynamic Server

= 11.10.xc1
📦
Ibm

Informix Dynamic Server

= 11.10.xc1de
📦
Ibm

Informix Dynamic Server

= 11.10.xc2
📦
Ibm

Informix Dynamic Server

= 11.10.xc2e
📦
Ibm

Informix Dynamic Server

= 11.10.xc3
📦
Ibm

Informix Dynamic Server

= 11.10.xc3e
📦
Emc

Legato Networker

All versions

References & Advisories

🔗 http://knowledgebase.emc.com/emcice/login.do?sType=ax1990&sName=1204&id=emc183834
🔗 http://secunia.com/advisories/38731
🔗 http://www.ibm.com/support/docview.wss?uid=swg1IC55329
🔗 http://www.ibm.com/support/docview.wss?uid=swg1IC55330
🔗 http://www.securityfocus.com/archive/1/509793/100/0/threaded
🔗 http://www.securityfocus.com/bid/38472
🔗 http://www.vupen.com/english/advisories/2010/0508
🔗 http://www.vupen.com/english/advisories/2010/0509

相關漏洞威脅

CVE-2009-275310.0

Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper servi...

CVE-2008-076810.0

Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used...

CVE-2008-094910.0

Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 7.x through 11.x allows remote attackers to gain privileges via a m...

CVE-2010-407010.0

Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic ...