CVE-2009-3470

Published Sep 29, 2009

Last updated a month ago

CVSS info 5.0

Overview

Description: IBM Informix Dynamic Server (IDS) 10.00 before 10.00.xC11, 11.10 before 11.10.xC4, and 11.50 before 11.50.xC5 allows remote attackers to cause a denial of service (memory corruption, assertion failure, and daemon crash) by sending a long password over a JDBC connection.
Source: cve@mitre.org
NVD status: Deferred

Risk scores

CVSS 2.0

Type: Primary
Base score: 5
Impact score: 2.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:P

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1716E256-B186-442F-8C4C-9305E0953081"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "257DA554-937D-4BA1-9131-2F978C6E5E62"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A81C5A16-B696-4A8D-AFD2-1A51B3BE4EDB"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "48562C58-0055-4394-9B40-D5730FE6A8AF"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "45791C63-A04C-4990-A78D-0529C8E9CC3E"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "55991F0F-2770-4367-9850-93504D33580C"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F9C4B48-B294-4BAF-99EE-7D2E1B024BFD"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "461C0E60-9EB5-42EA-835C-B1F5234E8CF1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "69DB33A6-1D6E-476A-97E4-8EE60EA43127"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "809EB926-BCB1-4EEF-B385-5C487B1F8301"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:11.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F3398187-9A9C-4584-A186-01DB36C88219"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BC21790C-D057-4B11-8D0C-202B71B1E7A4"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "539DE4E7-8531-43E8-AE75-178BFC4324F7"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "429D6E5F-E249-4EA5-B2BB-DDF3B2B20676"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:11.50:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE122FD4-9164-4638-8E98-7670908E392B"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:11.50.xc1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E99EBE74-8437-4DFD-B44A-5BD06B708BA1"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:11.50.xc2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B1E504E6-5293-4255-9FDB-CB115A5719D0"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:11.50.xc3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B96A8DF-88C4-499C-823B-3FB5ECDC9752"
          },
          {
            "criteria": "cpe:2.3:a:ibm:informix_dynamic_server:11.50.xc4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7697326E-CF54-46E3-9ECF-819F6BF53C1A"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References