CVE-2009-2753

EPSS 23.22%
Published 05.03.2010 16:30:00
Last modified 11.04.2025 00:51:21
Source cve@mitre.org
Teams watchlist Login
Open Login

Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3, allow remote attackers to execute arbitrary code via a crafted parameter size.

Affected products Warnungen 0 Metrics 2 CWE 1 References 11

Data is provided by the National Vulnerability Database (NVD)

Ibm ≫ Informix Dynamic Server Version10.0

Ibm ≫ Informix Dynamic Server Version10.0.tc1

Ibm ≫ Informix Dynamic Server Version10.0.xc1

Ibm ≫ Informix Dynamic Server Version10.0.xc2e

Ibm ≫ Informix Dynamic Server Version10.0.xc3

Ibm ≫ Informix Dynamic Server Version10.0.xc3e

Ibm ≫ Informix Dynamic Server Version10.0.xc4

Ibm ≫ Informix Dynamic Server Version10.0.xc4e

Ibm ≫ Informix Dynamic Server Version10.0.xc5

Ibm ≫ Informix Dynamic Server Version10.0.xc5e

Ibm ≫ Informix Dynamic Server Version10.0.xc6

Ibm ≫ Informix Dynamic Server Version10.0.xc6e

Ibm ≫ Informix Dynamic Server Version10.0.xc7

Ibm ≫ Informix Dynamic Server Version10.0.xc7e

Ibm ≫ Informix Dynamic Server Version10.0.xc8

Ibm ≫ Informix Dynamic Server Version10.0.xc8e

Ibm ≫ Informix Dynamic Server Version10.0.xc9

Ibm ≫ Informix Dynamic Server Version10.0.xc9e

Ibm ≫ Informix Dynamic Server Version10.0.xc10

Ibm ≫ Informix Dynamic Server Version10.0.xc10e

Ibm ≫ Informix Dynamic Server Version11.1

Ibm ≫ Informix Dynamic Server Version11.10

Ibm ≫ Informix Dynamic Server Version11.10.xc1

Ibm ≫ Informix Dynamic Server Version11.10.xc1de

Ibm ≫ Informix Dynamic Server Version11.10.xc2

Ibm ≫ Informix Dynamic Server Version11.10.xc2e

Ibm ≫ Informix Dynamic Server Version11.10.xc3

Ibm ≫ Informix Dynamic Server Version11.10.xc3e

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	23.22%	0.957

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

http://secunia.com/advisories/38731

Vendor Advisory

http://securitytracker.com/id?1023669

http://www.ibm.com/support/docview.wss?uid=swg1IC55329

http://www.ibm.com/support/docview.wss?uid=swg1IC55330

http://www.securityfocus.com/archive/1/509789/100/0/threaded

http://www.securityfocus.com/bid/38471

http://www.vupen.com/english/advisories/2010/0508

Patch

Vendor Advisory

http://www.zerodayinitiative.com/advisories/ZDI-10-022

https://nvd.nist.gov/vuln/detail/CVE-2009-2753

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2009-2753

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2009-2753

EUVD