CVSS: 10.0EPSS: 1%CPEs: 17EXPL: 0CVE-2008-0949
https://notcve.org/view.php?id=CVE-2008-0949
Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 7.x through 11.x allows remote attackers to gain privileges via a malformed connection request packet. Vulnerabilidad no especificada en IBM Informix Dynamic Server (IDS) 7.x hasta 11.x permite a atacantes remotos ganar privilegios mediante paquetes de petición de conexión mal formados. • http://secunia.com/advisories/29272 http://www-1.ibm.com/support/search.wss?rs=0&q=IC55224&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IC55225&apar=only http://www.informixmag.com/content/view/11143/27 http://www.informixmag.com/content/view/11144/27 http://www.securityfocus.com/bid/28198 http://www.vupen.com/english/advisories/2008/0860 https://exchange.xforce.ibmcloud.com/vulnerabilities/41370 •
CVSS: 8.5EPSS: 88%CPEs: 17EXPL: 0CVE-2008-0727 – IBM Informix Dynamic Server Authentication Password Stack Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-0727
Multiple buffer overflows in oninit.exe in IBM Informix Dynamic Server (IDS) 7.x through 11.x allow (1) remote attackers to execute arbitrary code via a long password and (2) remote authenticated users to execute arbitrary code via a long DBPATH value. Múltiples Desbordamientos de búfer en oninit.exe de IBM Informix Dynamic Server (IDS) de la versión 7.x a la 11.x, permite (1)a atacantes remotos ejecutar código de su elección a través de una contraseña larga (2) y usuarios autenticados remotamente, pueden ejecutar código de su elección a través de una variable DBPATH larga. This vulnerability allows remote attackers to execute arbitrary code on systems with vulnerable installations of IBM's Informix Dynamic Server. User interaction is not required to exploit this vulnerability. Authentication is not required to exploit this vulnerability. The specific flaw exists in the oninit.exe process that listens by default on TCP port 1526. • http://secunia.com/advisories/29272 http://securityreason.com/securityalert/3749 http://www-1.ibm.com/support/docview.wss?uid=swg1IC55207 http://www-1.ibm.com/support/docview.wss?uid=swg1IC55208 http://www-1.ibm.com/support/docview.wss?uid=swg1IC55209 http://www-1.ibm.com/support/docview.wss?uid=swg1IC55210 http://www.securityfocus.com/archive/1/489547/100/0/threaded http://www.securityfocus.com/archive/1/489548/100/0/threaded http://www.securityfocus.com/bid/28198 http:& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2008-0768
https://notcve.org/view.php?id=CVE-2008-0768
Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in Informix Dynamic Server (IDS) 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary code via crafted XDR requests. Múltiples desbordamientos de búfer basados en pila y en montículo en los componentes Windows RPC para IBM Informix Storage Manager (ISM), como se utilizan en Informix Dynamic Server (IDS) 10.00.xC8 y anteriores y 11.10.xC2 y anteriores. Permiten a atacantes ejecutar código de su elección a través de peticiones XDR manipuladas. • http://secunia.com/advisories/28689 http://www-01.ibm.com/support/docview.wss?uid=swg21294211 http://www-1.ibm.com/support/search.wss?rs=0&q=IC55040&apar=only http://www-1.ibm.com/support/search.wss?rs=0&q=IC55041&apar=only http://www.securityfocus.com/bid/27485 http://www.securitytracker.com/id?1019281 http://www.vupen.com/english/advisories/2008/0317 https://exchange.xforce.ibmcloud.com/vulnerabilities/40018 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2007-5957
https://notcve.org/view.php?id=CVE-2007-5957
Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 10.00.TC3TL and 11.10.TB4TL on Windows allows attackers to cause a denial of service (application crash) via unspecified SQ_ONASSIST requests. Vulnerabilidad no especificada en IBM Informix Dynamic Server (IDS) 10.00.TC3TL y 11.10.TB4TL en Windows permite a atacantes provocar una denegación de servicio (caída de la aplicación) mediante peticiones SQ_ONASSIST no especificadas. • http://osvdb.org/41621 http://secunia.com/advisories/27542 http://www-1.ibm.com/support/docview.wss?uid=swg1IC53588 http://www-1.ibm.com/support/docview.wss?uid=swg27011082 http://www.securityfocus.com/bid/26363 http://www.vupen.com/english/advisories/2007/3757 https://exchange.xforce.ibmcloud.com/vulnerabilities/38296 •