Integer Signedness Error in IBM Informix Dynamic Server and EMC Legato NetWorker
CVE-2009-2754

Currently unrated

Key Information:

Vendor

IBM
Status
Informix Dynamic Server
Vendor
CVE Published:
5 March 2010

What is CVE-2009-2754?

The vulnerability arises from an integer signedness error in the authentication functionality of librpc.dll used by the Informix Storage Manager (ISM) Portmapper service. This flaw can allow remote attackers to execute arbitrary code by sending a specially crafted parameter that triggers a stack-based buffer overflow, posing a significant risk to the integrity and security of affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/38731
third-party-advisoryx_refsource_SECUNIA
http://www.securityfocus.com/archive/1/509793/100/0/threaded
mailing-listx_refsource_BUGTRAQ
http://www.vupen.com/english/advisories/2010/0508
vdb-entryx_refsource_VUPEN

EPSS Score

54% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.