CVE-2009-2754

N/A Unknown
Published: March 05, 2010 Modified: April 29, 2026
View on NVD

Description

Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper service (aka portmap.exe), as used in IBM Informix Dynamic Server (IDS) 10.x before 10.00.TC9 and 11.x before 11.10.TC3 and EMC Legato NetWorker, allows remote attackers to execute arbitrary code via a crafted parameter size that triggers a stack-based buffer overflow.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://knowledgebase.emc.com/emcice/login.do?sType=ax1990&sName=1204&id=emc183834
Source: cve@mitre.org
http://secunia.com/advisories/38731
Source: cve@mitre.org
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg1IC55329
Source: cve@mitre.org
http://www.ibm.com/support/docview.wss?uid=swg1IC55330
Source: cve@mitre.org
http://www.securityfocus.com/archive/1/509793/100/0/threaded
Source: cve@mitre.org
http://www.securityfocus.com/bid/38472
Source: cve@mitre.org
http://www.vupen.com/english/advisories/2010/0508
Source: cve@mitre.org
Patch Vendor Advisory
http://www.vupen.com/english/advisories/2010/0509
Source: cve@mitre.org
Patch Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-10-023
Source: cve@mitre.org
https://exchange.xforce.ibmcloud.com/vulnerabilities/56586
Source: cve@mitre.org
http://knowledgebase.emc.com/emcice/login.do?sType=ax1990&sName=1204&id=emc183834
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/38731
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.ibm.com/support/docview.wss?uid=swg1IC55329
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ibm.com/support/docview.wss?uid=swg1IC55330
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/509793/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/38472
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.vupen.com/english/advisories/2010/0508
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.vupen.com/english/advisories/2010/0509
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-10-023
Source: af854a3a-2127-422b-91ae-364da2661108
https://exchange.xforce.ibmcloud.com/vulnerabilities/56586
Source: af854a3a-2127-422b-91ae-364da2661108

20 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
54.9%
98th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-189

Affected Vendors

emc ibm

Related CVEs

CVE-2026-40137 6.1
CVE-2026-40136 4.3
CVE-2026-40135 6.5
CVE-2026-40134 4.3
CVE-2026-40133 6.3