cpe:/a:ibm:informix_dynamic_server:10.0 cpe:/a:ibm:informix_dynamic_server:10.0.tc1 cpe:/a:ibm:informix_dynamic_server:10.0.xc1 cpe:/a:ibm:informix_dynamic_server:10.0.xc2e cpe:/a:ibm:informix_dynamic_server:10.0.xc3 cpe:/a:ibm:informix_dynamic_server:10.0.xc3e cpe:/a:ibm:informix_dynamic_server:10.0.xc4 cpe:/a:ibm:informix_dynamic_server:10.0.xc4e cpe:/a:ibm:informix_dynamic_server:10.0.xc5 cpe:/a:ibm:informix_dynamic_server:10.0.xc5e cpe:/a:ibm:informix_dynamic_server:10.0.xc6 cpe:/a:ibm:informix_dynamic_server:10.0.xc6e cpe:/a:ibm:informix_dynamic_server:10.0.xc7 cpe:/a:ibm:informix_dynamic_server:10.0.xc7e cpe:/a:ibm:informix_dynamic_server:10.0.xc8 cpe:/a:ibm:informix_dynamic_server:10.0.xc8e cpe:/a:ibm:informix_dynamic_server:10.0.xc9 cpe:/a:ibm:informix_dynamic_server:10.0.xc9e cpe:/a:ibm:informix_dynamic_server:10.0.xc10 cpe:/a:ibm:informix_dynamic_server:10.0.xc10e cpe:/a:ibm:informix_dynamic_server:11.1 cpe:/a:ibm:informix_dynamic_server:11.10 cpe:/a:ibm:informix_dynamic_server:11.10.xc1 cpe:/a:ibm:informix_dynamic_server:11.10.xc1de cpe:/a:ibm:informix_dynamic_server:11.10.xc2 cpe:/a:ibm:informix_dynamic_server:11.10.xc2e cpe:/a:ibm:informix_dynamic_server:11.10.xc3 cpe:/a:ibm:informix_dynamic_server:11.10.xc3e CVE-2009-2753 2010-03-05T11:30:00.537-05:00 2010-12-21T00:00:00.000-05:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2010-03-05T14:25:00.000-05:00 SECTRACK 1023669 BUGTRAQ 20100301 ZDI-10-022: IBM Informix librpc.dll Multiple Remote Code Execution Vulnerabilities BID 38471 SECUNIA 38731 VUPEN ADV-2010-0508 AIXAPAR IC55329 AIXAPAR IC55330 MISC http://www.zerodayinitiative.com/advisories/ZDI-10-022 Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3, allow remote attackers to execute arbitrary code via a crafted parameter size.