
CVE-2009-3691

Published: 2009-10-13 10:30:00
CWE: CWE-189
Source: mitre (web.nvd.nist.gov)
Tags: cve-2009-3691, integer overflow, setnet32.exe, remote code execution, ibm informix client sdk, informix connect runtime, buffer overflow, nvd

CVSS2: 9.3
Attack Vector: NETWORK
Attack Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score: 7.9
Confidence: High

EPSS: 0.912
Percentile: 98.9%

Multiple integer overflows in setnet32.exe 3.50.0.13752 in IBM Informix Client SDK 3.0 and 3.50 and Informix Connect Runtime 3.x allow remote attackers to execute arbitrary code via a .nfx file with a crafted (1) HostSize, and possibly (2) ProtoSize and (3) ServerSize, field that triggers a stack-based buffer overflow involving a crafted HostList field. NOTE: some of these details are obtained from third party information.

Affected configurations

Nvd
Node: ibm informix_client_sdk (Match 3.0) OR ibm informix_client_sdk (Match 3.50) OR ibm informix_connect_runtime (Match 3.0)

Vendor  Product                   Version  CPE
ibm     informix_client_sdk       3.0      cpe:2.3:a:ibm:informix_client_sdk:3.0:*:*:*:*:*:*:*
ibm     informix_client_sdk       3.50     cpe:2.3:a:ibm:informix_client_sdk:3.50:*:*:*:*:*:*:*
ibm     informix_connect_runtime  3.0      cpe:2.3:a:ibm:informix_connect_runtime:3.0:*:*:*:*:*:*:*
