CVE-2008-1705

Currently unrated

Key Information:

Vendor: IBM
Status: Soliddb
Vendor: CVE Published:; 9 April 2008

Summary

Format string vulnerability in the logging function in IBM solidDB 06.00.1018 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) user name, (2) peer name, and possibly unspecified other fields.

References

http://aluigi.org/poc/soliduro.zip

x_refsource_MISC

https://exchange.xforce.ibmcloud.com/vulnerabilities/41485

vdb-entryx_refsource_XF

http://secunia.com/advisories/29512

third-party-advisoryx_refsource_SECUNIA

Timeline

Vulnerability published
Apr 9, 2008
Vulnerability Reserved
Apr 9, 2008