Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted parameter size, aka idsdb00146931, idsdb00146930, idsdb00146929, and idsdb00138308.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C
Vendors Products
Ibm
  • Informix Dynamic Server

Configuration 1 [-]

OR cpe:2.3:a:ibm:informix_dynamic_server:7.31:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:9.40.tc5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc7:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.00:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.00.tc3tl:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc2:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc3:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc4:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc5:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc6:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc7w1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc8:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc9:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:11.10:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:11.10.tb4tl:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc1:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc1de:*:*:*:*:*:*:*
cpe:2.3:a:ibm:informix_dynamic_server:11.50:*:*:*:*:*:*:*
References
Link Resource
http://secunia.com/advisories/41915 Vendor Advisory
http://www.osvdb.org/68706
http://www.vupen.com/english/advisories/2010/2733 Vendor Advisory
http://www.zerodayinitiative.com/advisories/ZDI-10-215/
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-10-03T16:21:03

Updated: 2022-10-03T16:21:03

Reserved: 2022-10-03T00:00:00

Link: CVE-2010-4070

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2010-10-25T20:01:06.330

Modified: 2010-10-27T04:00:00.000

Link: CVE-2010-4070

JSON object: View

cve-icon Redhat Information

No data.

CWE