8.5
CVE-2008-0727
- EPSS 32.76%
- Veröffentlicht 18.03.2008 00:44:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
- Quelle cve@mitre.org
- Teams Watchlist Login
- Unerledigt Login
Multiple buffer overflows in oninit.exe in IBM Informix Dynamic Server (IDS) 7.x through 11.x allow (1) remote attackers to execute arbitrary code via a long password and (2) remote authenticated users to execute arbitrary code via a long DBPATH value.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Ibm ≫ Informix Dynamic Server Version7.3
Ibm ≫ Informix Dynamic Server Version7.31.xd8
Ibm ≫ Informix Dynamic Server Version7.31.xd9
Ibm ≫ Informix Dynamic Server Version9.3
Ibm ≫ Informix Dynamic Server Version9.4
Ibm ≫ Informix Dynamic Server Version9.40.tc5
Ibm ≫ Informix Dynamic Server Version9.40.uc1
Ibm ≫ Informix Dynamic Server Version9.40.uc2
Ibm ≫ Informix Dynamic Server Version9.40.uc3
Ibm ≫ Informix Dynamic Server Version9.40.uc5
Ibm ≫ Informix Dynamic Server Version9.40.xd8
Ibm ≫ Informix Dynamic Server Version9.40_xc7
Ibm ≫ Informix Dynamic Server Version10.0
Ibm ≫ Informix Dynamic Server Version10.0.xc3
Ibm ≫ Informix Dynamic Server Version10.0.xc4
Ibm ≫ Informix Dynamic Server Version10.00.xc7w1
Ibm ≫ Informix Dynamic Server Version11.10.xc2
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 32.76% | 0.967 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.5 | 8 | 9.2 |
AV:N/AC:L/Au:S/C:N/I:C/A:C
|
CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.