CVE-2010-4070 Information

Description

Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC1.117 in IBM Informix Dynamic Server (IDS) 7.x before 7.31.xD11 9.x before 9.40.xC10 10.00 before 10.00.xC8 and 11.10 before 11.10.xC2 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted parameter size aka idsdb00146931 idsdb00146930 idsdb00146929 and idsdb00138308.

Reference

http://secunia.com/advisories/41915 http://www.osvdb.org/68706 http://www.vupen.com/english/advisories/2010/2733 http://www.zerodayinitiative.com/advisories/ZDI-10-215/