CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
90.7%
Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted parameter size, aka idsdb00146931, idsdb00146930, idsdb00146929, and idsdb00138308.
Vendor | Product | Version | CPE |
---|---|---|---|
ibm | informix_dynamic_server | 7.31 | cpe:2.3:a:ibm:informix_dynamic_server:7.31:*:*:*:*:*:*:* |
ibm | informix_dynamic_server | 9.40.tc5 | cpe:2.3:a:ibm:informix_dynamic_server:9.40.tc5:*:*:*:*:*:*:* |
ibm | informix_dynamic_server | 9.40.uc1 | cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc1:*:*:*:*:*:*:* |
ibm | informix_dynamic_server | 9.40.uc2 | cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc2:*:*:*:*:*:*:* |
ibm | informix_dynamic_server | 9.40.uc3 | cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc3:*:*:*:*:*:*:* |
ibm | informix_dynamic_server | 9.40.uc5 | cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc5:*:*:*:*:*:*:* |
ibm | informix_dynamic_server | 9.40.xc5 | cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc5:*:*:*:*:*:*:* |
ibm | informix_dynamic_server | 9.40.xc7 | cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc7:*:*:*:*:*:*:* |
ibm | informix_dynamic_server | 10.00 | cpe:2.3:a:ibm:informix_dynamic_server:10.00:*:*:*:*:*:*:* |
ibm | informix_dynamic_server | 10.00.tc3tl | cpe:2.3:a:ibm:informix_dynamic_server:10.00.tc3tl:*:*:*:*:*:*:* |