CVE-2008-0727

Published Mar 18, 2008

Last updated 6 years ago

CVSS info 8.5

Overview

Description: Multiple buffer overflows in oninit.exe in IBM Informix Dynamic Server (IDS) 7.x through 11.x allow (1) remote attackers to execute arbitrary code via a long password and (2) remote authenticated users to execute arbitrary code via a long DBPATH value.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 8.5
Impact score: 9.2
Exploitability score: 8
Vector string: AV:N/AC:L/Au:S/C:N/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Evaluator

Comment: All IBM links require software support sign in to view.
Impact: -
Solution: -

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:7.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9390D1EA-DB0A-40BB-BBA5-061DA17A2745"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:7.31.xd8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "14BA6483-76C0-4BE2-AE99-97B1AD555704"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:7.31.xd9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E3D9652D-4383-40EE-950F-67794F4D52C6"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A565470-B4A3-40FA-B691-1DB484FEC764"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "58A9F81C-C618-435D-9912-0E61EAB02560"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.tc5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE9B0C17-2D85-4729-85EF-2F5C750BF51B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "910D9A17-43A7-4F9E-98E0-2C465AC8BD2F"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E61711D-4C3E-4A6D-89A8-85B7CDD7FAE1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B2CD7B84-2861-4542-8A08-C668065C8DB4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E64D85E2-AA7E-4704-A2FA-BD69744423CF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.xd8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBFD2127-16EA-49F1-9023-F22A68F4EE3D"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40_xc7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3480BAB7-4D5B-44F2-8E8D-0062DD205D48"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1716E256-B186-442F-8C4C-9305E0953081"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C7931542-8DB8-4BC3-A319-9352EBC62158"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.0.xc4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "795E3755-48D3-4A70-9AFB-1B3B9F3B8F52"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc7w1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1061A1A7-579D-4222-A31D-F34F8A11EA63"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "539DE4E7-8531-43E8-AE75-178BFC4324F7"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Evaluator

Configurations

References