CVE-2009-3470 — Reachable Assertion in IBM Informix Dynamic Server

CWE-3993 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
1.1%
top 22.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Informix Dynamic Server
Timeline
PublishedSep 29
Latest updateMay 2

Description

IBM Informix Dynamic Server (IDS) 10.00 before 10.00.xC11, 11.10 before 11.10.xC4, and 11.50 before 11.50.xC5 allows remote attackers to cause a denial of service (memory corruption, assertion failure, and daemon crash) by sending a long password over a JDBC connection.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

â–¶NVDibm/informix_dynamic_server19 versions+18

🔴Vulnerability Details

2
GHSA
GHSA-5cph-mc6w-g6xg: IBM Informix Dynamic Server (IDS) 10↗2022-05-02
â–¶
CVEList
CVE-2009-3470: IBM Informix Dynamic Server (IDS) 10↗2009-09-29
â–¶
CVE-2009-3470 — Reachable Assertion in IBM | cvebase