What is CVE-2009-2753?

CVE-2009-2753 is a vulnerability in Ibm Informix_dynamic_server, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2010-03-05.

Is CVE-2009-2753 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Buffer overflow in Ibm Informix_dynamic_server

CVE-2009-2753

Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.1…

Vulnerability class: Buffer Overflow

EPSS: 0.305 (96.8th percentile) — read the EPSS interpretation.

Affected products

Ibm Informix_dynamic_server — versions 10.0.xc8, 10.0.xc8e, 10.0.xc6
N/a — versions n/a

Weakness classification (CWE)

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

38731 (x_refsource_SECUNIA, Vendor Advisory, third-party-advisory)
1023669 (vdb-entry, x_refsource_SECTRACK)
IC55329 (vendor-advisory, x_refsource_AIXAPAR)
IC55330 (vendor-advisory, x_refsource_AIXAPAR)
20100301 ZDI-10-022: IBM Informix librpc.dll Multiple Remote Code Execution Vulnerabilities (mailing-list, x_refsource_BUGTRAQ)
38471 (vdb-entry, x_refsource_BID)
ADV-2010-0508 (Patch, vdb-entry, x_refsource_VUPEN, Vendor Advisory)
cve@mitre.org (x_refsource_MISC)

Frequently asked questions

What is CVE-2009-2753?: CVE-2009-2753 is a vulnerability in Ibm Informix_dynamic_server, classified under Improper Restriction of Operations within the Bounds of a Memory Buffer. Published 2010-03-05.
Is CVE-2009-2753 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.