CVE-2010-4070Out-of-bounds Write in IBM Informix Dynamic Server

CWE-1893 documents3 sources
Severity
10.0CRITICALNVD
EPSS
6.4%
top 8.95%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Informix Dynamic Server
Timeline
PublishedOct 25
Latest updateMay 17

Description

Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted parameter size, aka idsdb00146931, idsdb00146930, idsdb00146929, and idsdb00138308.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDibm/informix_dynamic_server25 versions+24

🔴Vulnerability Details

2
GHSA
GHSA-9g6c-7623-rww7: Integer overflow in librpc2022-05-17
CVEList
CVE-2010-4070: Integer overflow in librpc2010-10-25
CVE-2010-4070 — Out-of-bounds Write in IBM | cvebase