mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-09-17 18:45:49 +00:00
240 lines
9.1 KiB
JSON
240 lines
9.1 KiB
JSON
{
|
|
"id": "CVE-2010-4070",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2010-10-25T20:01:06.330",
|
|
"lastModified": "2024-11-21T01:20:10.243",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11, 9.x before 9.40.xC10, 10.00 before 10.00.xC8, and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted parameter size, aka idsdb00146931, idsdb00146930, idsdb00146929, and idsdb00138308."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Desbordamiento de entero en librpc.dll en portmap.exe (tambi\u00e9n conocido como servicio ISM Portmapper) en ISM anteriores a v2.20.TC1.117 en IBM Informix Dynamic Server (IDS) v7.x anteriores a v7.31.xD11, v9.x anteriores a v9.40.xC10, v10.00 anteriores a v10.00.xC8, y v11.10 anteirores a v11.10.xC2, permite a los atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n o provocar una denegaci\u00f3n de servicio (corrupci\u00f3n de memoria din\u00e1mica) a trav\u00e9s de un tama\u00f1o\u00f1 de par\u00e1metro manipulado, tambi\u00e9n conocido como idsdb00146931, idsdb00146930, idsdb00146929, y idsdb00138308."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
|
|
"baseScore": 10.0,
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "COMPLETE",
|
|
"availabilityImpact": "COMPLETE"
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 10.0,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-189"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:7.31:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "45A93A4B-8AB8-4BC7-9253-8DDA9D091C0A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.tc5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CE9B0C17-2D85-4729-85EF-2F5C750BF51B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "910D9A17-43A7-4F9E-98E0-2C465AC8BD2F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1E61711D-4C3E-4A6D-89A8-85B7CDD7FAE1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B2CD7B84-2861-4542-8A08-C668065C8DB4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.uc5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E64D85E2-AA7E-4704-A2FA-BD69744423CF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "21FF7CE7-A061-425B-A29B-1EC6DEDA2C10"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:9.40.xc7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AD626D2D-D1ED-4B44-A236-CF20F1708D98"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E67D2B80-49E9-4DDA-87A3-D145B9F49D10"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.tc3tl:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DD6DB2FB-517B-4450-8559-0EE38A82974D"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "257DA554-937D-4BA1-9131-2F978C6E5E62"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A81C5A16-B696-4A8D-AFD2-1A51B3BE4EDB"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "48562C58-0055-4394-9B40-D5730FE6A8AF"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "45791C63-A04C-4990-A78D-0529C8E9CC3E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "55991F0F-2770-4367-9850-93504D33580C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7F9C4B48-B294-4BAF-99EE-7D2E1B024BFD"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc7w1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1061A1A7-579D-4222-A31D-F34F8A11EA63"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "461C0E60-9EB5-42EA-835C-B1F5234E8CF1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "69DB33A6-1D6E-476A-97E4-8EE60EA43127"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:10.00.xc10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "809EB926-BCB1-4EEF-B385-5C487B1F8301"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:11.10:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "F3398187-9A9C-4584-A186-01DB36C88219"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:11.10.tb4tl:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "4B657EAB-6F3F-4123-8B03-FEB931A424B5"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BC21790C-D057-4B11-8D0C-202B71B1E7A4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:11.10.xc1de:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "1D7F320F-72E0-440C-A300-6D85AEE86DA9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ibm:informix_dynamic_server:11.50:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "DE122FD4-9164-4638-8E98-7670908E392B"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "http://secunia.com/advisories/41915",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.osvdb.org/68706",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2010/2733",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-215/",
|
|
"source": "cve@mitre.org"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/41915",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.osvdb.org/68706",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2010/2733",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.zerodayinitiative.com/advisories/ZDI-10-215/",
|
|
"source": "af854a3a-2127-422b-91ae-364da2661108"
|
|
}
|
|
]
|
|
} |