CyberSec.Space Logo
Back to CVE Browser

CVE-2010-4070

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1620%
EPSS Percentile7.56th
PublishedOct 25, 2010
Last ModifiedApr 29, 2026

Vulnerability Description

Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted parameter size, aka idsdb00146931, idsdb00146930, idsdb00146929, and idsdb00138308.

Affected Platforms (CPE)

πŸ“¦
Ibm

Informix Dynamic Server

= 7.31
πŸ“¦
Ibm

Informix Dynamic Server

= 9.40.tc5
πŸ“¦
Ibm

Informix Dynamic Server

= 9.40.uc1
πŸ“¦
Ibm

Informix Dynamic Server

= 9.40.uc2
πŸ“¦
Ibm

Informix Dynamic Server

= 9.40.uc3
πŸ“¦
Ibm

Informix Dynamic Server

= 9.40.uc5
πŸ“¦
Ibm

Informix Dynamic Server

= 9.40.xc5
πŸ“¦
Ibm

Informix Dynamic Server

= 9.40.xc7
πŸ“¦
Ibm

Informix Dynamic Server

= 10.00
πŸ“¦
Ibm

Informix Dynamic Server

= 10.00.tc3tl
πŸ“¦
Ibm

Informix Dynamic Server

= 10.00.xc1
πŸ“¦
Ibm

Informix Dynamic Server

= 10.00.xc2
πŸ“¦
Ibm

Informix Dynamic Server

= 10.00.xc3
πŸ“¦
Ibm

Informix Dynamic Server

= 10.00.xc4
πŸ“¦
Ibm

Informix Dynamic Server

= 10.00.xc5
πŸ“¦
Ibm

Informix Dynamic Server

= 10.00.xc6
πŸ“¦
Ibm

Informix Dynamic Server

= 10.00.xc7w1
πŸ“¦
Ibm

Informix Dynamic Server

= 10.00.xc8
πŸ“¦
Ibm

Informix Dynamic Server

= 10.00.xc9
πŸ“¦
Ibm

Informix Dynamic Server

= 10.00.xc10
πŸ“¦
Ibm

Informix Dynamic Server

= 11.10
πŸ“¦
Ibm

Informix Dynamic Server

= 11.10.tb4tl
πŸ“¦
Ibm

Informix Dynamic Server

= 11.10.xc1
πŸ“¦
Ibm

Informix Dynamic Server

= 11.10.xc1de
πŸ“¦
Ibm

Informix Dynamic Server

= 11.50

References & Advisories

πŸ”— http://secunia.com/advisories/41915
πŸ”— http://www.osvdb.org/68706
πŸ”— http://www.vupen.com/english/advisories/2010/2733
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-10-215/
πŸ”— http://secunia.com/advisories/41915
πŸ”— http://www.osvdb.org/68706
πŸ”— http://www.vupen.com/english/advisories/2010/2733
πŸ”— http://www.zerodayinitiative.com/advisories/ZDI-10-215/

Related Vulnerabilities

CVE-2008-094910.0

Unspecified vulnerability in IBM Informix Dynamic Server (IDS) 7.x through 11.x allows remote attackers to gain privileges via a m...

CVE-2009-275410.0

Integer signedness error in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper servic...

CVE-2008-076810.0

Multiple stack-based and heap-based buffer overflows in the Windows RPC components for IBM Informix Storage Manager (ISM), as used...

CVE-2009-275310.0

Multiple buffer overflows in the authentication functionality in librpc.dll in the Informix Storage Manager (ISM) Portmapper servi...