Denial of Service Vulnerability in IBM solidDB Products
CVE-2010-4056

Currently unrated

Key Information:

Vendor: IBM
Status: Soliddb
Vendor: CVE Published:; 23 October 2010

Summary

In IBM solidDB 6.5.0.3 and earlier, a flaw in the solid.exe component allows for recursive function calls to be mishandled. When the system receives packet data containing a single integer field, it can trigger a NULL pointer dereference, leading to a crash of the daemon. This vulnerability can be exploited by remote attackers via a TCP session on port 1315, causing service disruptions.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/62590

vdb-entryx_refsource_XF

http://www.exploit-db.com/exploits/15261

exploitx_refsource_EXPLOIT-DB

http://www.vupen.com/english/advisories/2010/2715

vdb-entryx_refsource_VUPEN

EPSS Score

9% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Oct 23, 2010
Vulnerability Reserved
Oct 22, 2010