CVE-2010-4056

Currently unrated

Key Information:

Vendor: IBM
Status: Soliddb
Vendor: CVE Published:; 23 October 2010

Summary

solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing a single integer field, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TCP session on port 1315.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/62590

vdb-entryx_refsource_XF

http://www.exploit-db.com/exploits/15261

exploitx_refsource_EXPLOIT-DB

http://www.vupen.com/english/advisories/2010/2715

vdb-entryx_refsource_VUPEN

EPSS Score

5% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 23, 2010
Vulnerability Reserved
Oct 22, 2010