Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM prior to 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x prior to 7.31.xD11, 9.x prior to 9.40.xC10, 10.00 prior to 10.00.xC8, and 11.10 prior to 11.10.xC2 allows remote malicious users to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted parameter size, aka idsdb00146931, idsdb00146930, idsdb00146929, and idsdb00138308.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
ibm informix dynamic server 9.40.uc1 |
||
ibm informix dynamic server 9.40.uc2 |
||
ibm informix dynamic server 9.40.uc3 |
||
ibm informix dynamic server 9.40.uc5 |
||
ibm informix dynamic server 10.00.xc6 |
||
ibm informix dynamic server 11.50 |
||
ibm informix dynamic server 11.10 |
||
ibm informix dynamic server 11.10.tb4tl |
||
ibm informix dynamic server 9.40.tc5 |
||
ibm informix dynamic server 9.40.xc5 |
||
ibm informix dynamic server 10.00.xc3 |
||
ibm informix dynamic server 10.00 |
||
ibm informix dynamic server 10.00.xc10 |
||
ibm informix dynamic server 11.10.xc1de |
||
ibm informix dynamic server 10.00.xc1 |
||
ibm informix dynamic server 10.00.xc2 |
||
ibm informix dynamic server 10.00.tc3tl |
||
ibm informix dynamic server 10.00.xc8 |
||
ibm informix dynamic server 7.31 |
||
ibm informix dynamic server 9.40.xc7 |
||
ibm informix dynamic server 10.00.xc4 |
||
ibm informix dynamic server 10.00.xc7w1 |
||
ibm informix dynamic server 10.00.xc9 |
||
ibm informix dynamic server 10.00.xc5 |
||
ibm informix dynamic server 11.10.xc1 |
Vulmon