CVE-2010-4070

Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted parameter size, aka idsdb00146931, idsdb00146930, idsdb00146929, and idsdb00138308.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://www.zerodayinitiative.com/advisories/ZDI-10-215/
http://secunia.com/advisories/41915	Vendor Advisory
http://www.vupen.com/english/advisories/2010/2733	Vendor Advisory
http://www.osvdb.org/68706

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc1:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc2:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc3:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc5:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc6:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:11.50:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:11.10:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:11.10.tb4tl:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:9.40.tc5:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc5:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc3:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc7:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc9:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc1:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc4:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc1:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc10:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.00.tc3tl:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.00:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc7w1:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc1de:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc2:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc8:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc5:::::::*
	cpe:2.3:a:ibm:informix_dynamic_server:7.31:::::::*

Information

Published : 2010-10-25 13:01

Updated : 2010-10-26 21:00

NVD link : CVE-2010-4070

Mitre link : CVE-2010-4070

JSON object : View

CWE

CWE-189

Numeric Errors

Products Affected

ibm

informix_dynamic_server

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-215/", "name": "http://www.zerodayinitiative.com/advisories/ZDI-10-215/", "tags": [], "refsource": "MISC"}, {"url": "http://secunia.com/advisories/41915", "name": "41915", "tags": ["Vendor Advisory"], "refsource": "SECUNIA"}, {"url": "http://www.vupen.com/english/advisories/2010/2733", "name": "ADV-2010-2733", "tags": ["Vendor Advisory"], "refsource": "VUPEN"}, {"url": "http://www.osvdb.org/68706", "name": "68706", "tags": [], "refsource": "OSVDB"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted parameter size, aka idsdb00146931, idsdb00146930, idsdb00146929, and idsdb00138308."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-189"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2010-4070", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2010-10-25T20:01Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc6:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:11.50:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:11.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:11.10.tb4tl:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.tc5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc7:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc9:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc4:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.tc3tl:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.00:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc7w1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc1de:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc8:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc5:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ibm:informix_dynamic_server:7.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2010-10-27T04:00Z"}

10.0 /10