CVE-2010-4070
Severity Score
10.0
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted parameter size, aka idsdb00146931, idsdb00146930, idsdb00146929, and idsdb00138308.
Desbordamiento de entero en librpc.dll en portmap.exe (también conocido como servicio ISM Portmapper) en ISM anteriores a v2.20.TC1.117 en IBM Informix Dynamic Server (IDS) v7.x anteriores a v7.31.xD11, v9.x anteriores a v9.40.xC10, v10.00 anteriores a v10.00.xC8, y v11.10 anteirores a v11.10.xC2, permite a los atacantes remotos ejecutar código a su elección o provocar una denegación de servicio (corrupción de memoria dinámica) a través de un tamañoñ de parámetro manipulado, también conocido como idsdb00146931, idsdb00146930, idsdb00146929, y idsdb00138308.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2010-10-25 CVE Reserved
- 2010-10-25 CVE Published
- 2024-09-16 CVE Updated
- 2024-09-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-189: Numeric Errors
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://www.osvdb.org/68706 | Vdb Entry | |
| http://www.zerodayinitiative.com/advisories/ZDI-10-215 | X_refsource_misc |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/41915 | 2010-10-27 | |
| http://www.vupen.com/english/advisories/2010/2733 | 2010-10-27 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 7.31 Search vendor "Ibm" for product "Informix Dynamic Server" and version "7.31" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 9.40.tc5 Search vendor "Ibm" for product "Informix Dynamic Server" and version "9.40.tc5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 9.40.uc1 Search vendor "Ibm" for product "Informix Dynamic Server" and version "9.40.uc1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 9.40.uc2 Search vendor "Ibm" for product "Informix Dynamic Server" and version "9.40.uc2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 9.40.uc3 Search vendor "Ibm" for product "Informix Dynamic Server" and version "9.40.uc3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 9.40.uc5 Search vendor "Ibm" for product "Informix Dynamic Server" and version "9.40.uc5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 9.40.xc5 Search vendor "Ibm" for product "Informix Dynamic Server" and version "9.40.xc5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 9.40.xc7 Search vendor "Ibm" for product "Informix Dynamic Server" and version "9.40.xc7" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 10.00 Search vendor "Ibm" for product "Informix Dynamic Server" and version "10.00" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 10.00.tc3tl Search vendor "Ibm" for product "Informix Dynamic Server" and version "10.00.tc3tl" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 10.00.xc1 Search vendor "Ibm" for product "Informix Dynamic Server" and version "10.00.xc1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 10.00.xc2 Search vendor "Ibm" for product "Informix Dynamic Server" and version "10.00.xc2" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 10.00.xc3 Search vendor "Ibm" for product "Informix Dynamic Server" and version "10.00.xc3" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 10.00.xc4 Search vendor "Ibm" for product "Informix Dynamic Server" and version "10.00.xc4" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 10.00.xc5 Search vendor "Ibm" for product "Informix Dynamic Server" and version "10.00.xc5" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 10.00.xc6 Search vendor "Ibm" for product "Informix Dynamic Server" and version "10.00.xc6" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 10.00.xc7w1 Search vendor "Ibm" for product "Informix Dynamic Server" and version "10.00.xc7w1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 10.00.xc8 Search vendor "Ibm" for product "Informix Dynamic Server" and version "10.00.xc8" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 10.00.xc9 Search vendor "Ibm" for product "Informix Dynamic Server" and version "10.00.xc9" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 10.00.xc10 Search vendor "Ibm" for product "Informix Dynamic Server" and version "10.00.xc10" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 11.10 Search vendor "Ibm" for product "Informix Dynamic Server" and version "11.10" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 11.10.tb4tl Search vendor "Ibm" for product "Informix Dynamic Server" and version "11.10.tb4tl" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 11.10.xc1 Search vendor "Ibm" for product "Informix Dynamic Server" and version "11.10.xc1" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 11.10.xc1de Search vendor "Ibm" for product "Informix Dynamic Server" and version "11.10.xc1de" | - |
Affected
| ||||||
| Ibm Search vendor "Ibm" | Informix Dynamic Server Search vendor "Ibm" for product "Informix Dynamic Server" | 11.50 Search vendor "Ibm" for product "Informix Dynamic Server" and version "11.50" | - |
Affected
| ||||||