CVE-2008-0768
IBM Informix Dynamic Server < 10.00.xC8 and 11.10.xC2 - Remote Code Execution via Crafted XDR Requests
Title source: llmDescription
Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in Informix Dynamic Server (IDS) 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary code via crafted XDR requests.
References (8)
Core 8
Core References
Permissions Required vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0317
Vendor Advisory vendor-advisory
x_refsource_aixapar
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55041&apar=only
Vendor Advisory vendor-advisory
x_refsource_aixapar
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55040&apar=only
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/27485
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1019281
Third Party Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/28689
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21294211
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/40018
Scores
EPSS
0.0446
EPSS Percentile
90.4%
Details
CWE
CWE-119
Status
published
Products (2)
ibm/informix_dynamic_server
10.0 - 10.00.xc8
ibm/informix_storage_manager
Published
Feb 13, 2008
Tracked Since
Feb 18, 2026