CVE-2008-0768

IBM Informix Dynamic Server < 10.00.xC8 and 11.10.xC2 - Remote Code Execution via Crafted XDR Requests

Title source: llm
STIX 2.1

Description

Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in Informix Dynamic Server (IDS) 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary code via crafted XDR requests.

References (8)

Core 8
Core References
Permissions Required vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0317
Vendor Advisory vendor-advisory x_refsource_aixapar
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55041&apar=only
Vendor Advisory vendor-advisory x_refsource_aixapar
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55040&apar=only
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27485
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1019281
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28689
Vendor Advisory x_refsource_confirm
http://www-01.ibm.com/support/docview.wss?uid=swg21294211
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/40018

Scores

EPSS 0.0446
EPSS Percentile 90.4%

Details

CWE
CWE-119
Status published
Products (2)
ibm/informix_dynamic_server 10.0 - 10.00.xc8
ibm/informix_storage_manager
Published Feb 13, 2008
Tracked Since Feb 18, 2026