Integer Overflow in IBM Informix Dynamic Server's Portmapper Service
CVE-2010-4070

Currently unrated

Key Information:

Vendor

IBM
Status
Informix Dynamic Server
Vendor
CVE Published:
25 October 2010

What is CVE-2010-4070?

An integer overflow vulnerability exists in the librpc.dll component of portmap.exe, part of the IBM Informix Dynamic Server. This issue can be exploited by remote attackers to execute arbitrary code or induce a denial of service condition through carefully crafted parameter sizes. Versions affected include ISM before 2.20.TC1.117, IDS 7.x prior to 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2. Prompt remediation is recommended for all impacted environments.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.zerodayinitiative.com/advisories/ZDI-10-215/
x_refsource_MISC
http://www.osvdb.org/68706
vdb-entryx_refsource_OSVDB
http://www.vupen.com/english/advisories/2010/2733
vdb-entryx_refsource_VUPEN

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability Reserved

  • Vulnerability published

JSON
.