CVE-2008-0768

Name: CVE-2008-0768
Creator: NVD / NIST
Published: 2008-02-13T22:00:00+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 4.46%

Last modified Jun 16, 2026

CVE-2008-0768 is a vulnerability of currently unknown severity. Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in Informix Dynamic Server (IDS) 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary code via crafted XDR requests.. EPSS estimates a 4.46% chance of exploitation in the next 30 days.

Description

Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used in Informix Dynamic Server (IDS) 10.00.xC8 and earlier and 11.10.xC2 and earlier, allow attackers to execute arbitrary code via crafted XDR requests.

Metrics

EPSS Probability

4.46%

90.2th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-119

Affected Software

Vendor	Product	Versions
Ibm	Informix Dynamic Server	>= 10.0, <= 10.00.xc8
Ibm	Informix Dynamic Server	>= 11.10, <= 11.10.xc2
Ibm	Informix Storage Manager	All versions

References

http://secunia.com/advisories/28689Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21294211Vendor Advisory
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55040&apar=onlyVendor Advisory
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55041&apar=onlyVendor Advisory
http://www.securityfocus.com/bid/27485Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1019281Third Party Advisory, VDB Entry
http://www.vupen.com/english/advisories/2008/0317Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/40018Third Party Advisory, VDB Entry
http://secunia.com/advisories/28689Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21294211Vendor Advisory
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55040&apar=onlyVendor Advisory
http://www-1.ibm.com/support/search.wss?rs=0&q=IC55041&apar=onlyVendor Advisory
http://www.securityfocus.com/bid/27485Third Party Advisory, VDB Entry
http://www.securitytracker.com/id?1019281Third Party Advisory, VDB Entry
http://www.vupen.com/english/advisories/2008/0317Permissions Required
https://exchange.xforce.ibmcloud.com/vulnerabilities/40018Third Party Advisory, VDB Entry

Timeline

Published: Feb 13, 2008
Last Modified: Jun 16, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2008-0768?

How severe is CVE-2008-0768?

Severity scoring for CVE-2008-0768 is pending analysis. The EPSS model estimates a 4.46% probability of exploitation in the next 30 days.

How do I fix CVE-2008-0768?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2008-0768?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST