← Back

CVE-2009-2754

nvd nist
Published: Mar 5, 2010Modified: Apr 29, 2026

JSON object

Loading...
10.0
Vector
AV:N/AC:L/Au:N/C:C/I:C/A:C
Exploitability: 10.0 / Impact: 10.0
Source: NVD

Description

Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow.

Affected (29)

Ibm
1 product
Informix Dynamic Server
Emc
1 product
Legato Networker
Configuration A
28 vulnerable
Vulnerable SoftwareAffected Versions
Ibm
Informix Dynamic Server
Version 10.0.tc1
Informix Dynamic Server
Version 10.0.xc10
Informix Dynamic Server
Version 10.0.xc10e
Informix Dynamic Server
Version 10.0.xc1
Informix Dynamic Server
Version 10.0.xc2e
Informix Dynamic Server
Version 10.0.xc3
Informix Dynamic Server
Version 10.0.xc3e
Informix Dynamic Server
Version 10.0.xc4
Informix Dynamic Server
Version 10.0.xc4e
Informix Dynamic Server
Version 10.0.xc5
Informix Dynamic Server
Version 10.0.xc5e
Informix Dynamic Server
Version 10.0.xc6
Informix Dynamic Server
Version 10.0.xc6e
Informix Dynamic Server
Version 10.0.xc7
Informix Dynamic Server
Version 10.0.xc7e
Informix Dynamic Server
Version 10.0.xc8
Informix Dynamic Server
Version 10.0.xc8e
Informix Dynamic Server
Version 10.0.xc9
Informix Dynamic Server
Version 10.0.xc9e
Informix Dynamic Server
Version 10.0
Informix Dynamic Server
Version 11.10.xc1
Informix Dynamic Server
Version 11.10.xc1de
Informix Dynamic Server
Version 11.10.xc2
Informix Dynamic Server
Version 11.10.xc2e
Informix Dynamic Server
Version 11.10.xc3
Informix Dynamic Server
Version 11.10.xc3e
Informix Dynamic Server
Version 11.10
Informix Dynamic Server
Version 11.1
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Legato Networker
All versions

Related CWEs

CWE-189
CWE-189

References (20)

Source: cve@mitre.org
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
PatchVendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.