What is the severity of CVE-2010-4070?

CVE-2010-4070 has been classified as a significant vulnerability that can lead to arbitrary code execution.

How do I fix CVE-2010-4070?

To fix CVE-2010-4070, update to the fixed versions of IBM Informix Dynamic Server that mitigate this vulnerability.

What versions of IBM Informix Dynamic Server are affected by CVE-2010-4070?

CVE-2010-4070 affects multiple versions, including IDS 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2.

Can CVE-2010-4070 be exploited remotely?

Yes, CVE-2010-4070 allows remote attackers to exploit the vulnerability and potentially execute arbitrary code.

What component of IBM Informix Dynamic Server is impacted by CVE-2010-4070?

CVE-2010-4070 impacts the librpc.dll component within the portmap.exe service of IBM Informix Dynamic Server.

Vulnerability/
CVE-2010-4070

critical

CWE

189 190

25/10/2010

16/9/2024

CVE-2010-4070: Integer Overflow

First published: Mon Oct 25 2010(Updated: )

Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted parameter size, aka idsdb00146931, idsdb00146930, idsdb00146929, and idsdb00138308.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
IBM Informix Dynamic Server	=9.40.uc3
IBM Informix Dynamic Server	=9.40.uc2
IBM Informix Dynamic Server	=9.40.xc7
IBM Informix Dynamic Server	=11.50
IBM Informix Dynamic Server	=9.40.tc5
IBM Informix Dynamic Server	=11.10
IBM Informix Dynamic Server	=9.40.xc5
IBM Informix Dynamic Server	=9.40.uc1
IBM Informix Dynamic Server	=10.00.xc3
IBM Informix Dynamic Server	=10.00.xc9
IBM Informix Dynamic Server	=10.00.xc6
IBM Informix Dynamic Server	=10.00.xc1
IBM Informix Dynamic Server	=10.00.xc4
IBM Informix Dynamic Server	=11.10.xc1
IBM Informix Dynamic Server	=10.00.xc10
IBM Informix Dynamic Server	=10.00.tc3tl
IBM Informix Dynamic Server	=10.00
IBM Informix Dynamic Server	=10.00.xc7w1
IBM Informix Dynamic Server	=11.10.xc1de
IBM Informix Dynamic Server	=11.10.tb4tl
IBM Informix Dynamic Server	=10.00.xc2
IBM Informix Dynamic Server	=10.00.xc8
IBM Informix Dynamic Server	=10.00.xc5
IBM Informix Dynamic Server	=7.31
IBM Informix Dynamic Server	=9.40.uc5

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2010-4070?
CVE-2010-4070 has been classified as a significant vulnerability that can lead to arbitrary code execution.
How do I fix CVE-2010-4070?
To fix CVE-2010-4070, update to the fixed versions of IBM Informix Dynamic Server that mitigate this vulnerability.
What versions of IBM Informix Dynamic Server are affected by CVE-2010-4070?
CVE-2010-4070 affects multiple versions, including IDS 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2.
Can CVE-2010-4070 be exploited remotely?
Yes, CVE-2010-4070 allows remote attackers to exploit the vulnerability and potentially execute arbitrary code.
What component of IBM Informix Dynamic Server is impacted by CVE-2010-4070?
CVE-2010-4070 impacts the librpc.dll component within the portmap.exe service of IBM Informix Dynamic Server.

collector/nvd-historical
collector/nvd-index
agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/weakness
agent/severity
agent/author
agent/last-modified-date
agent/tags
agent/description
agent/event
agent/first-publish-date
agent/source
vendor/ibm
canonical/ibm informix dynamic server
version/ibm informix dynamic server/9.40.uc3
version/ibm informix dynamic server/9.40.uc2
version/ibm informix dynamic server/9.40.xc7
version/ibm informix dynamic server/11.50
version/ibm informix dynamic server/9.40.tc5
version/ibm informix dynamic server/11.10
version/ibm informix dynamic server/9.40.xc5
version/ibm informix dynamic server/9.40.uc1
version/ibm informix dynamic server/10.00.xc3
version/ibm informix dynamic server/10.00.xc9
version/ibm informix dynamic server/10.00.xc6
version/ibm informix dynamic server/10.00.xc1
version/ibm informix dynamic server/10.00.xc4
version/ibm informix dynamic server/11.10.xc1
version/ibm informix dynamic server/10.00.xc10
version/ibm informix dynamic server/10.00.tc3tl
version/ibm informix dynamic server/10.00
version/ibm informix dynamic server/10.00.xc7w1
version/ibm informix dynamic server/11.10.xc1de
version/ibm informix dynamic server/11.10.tb4tl
version/ibm informix dynamic server/10.00.xc2
version/ibm informix dynamic server/10.00.xc8
version/ibm informix dynamic server/10.00.xc5
version/ibm informix dynamic server/7.31
version/ibm informix dynamic server/9.40.uc5