13 matches found
CVE-2010-4055
IBM solidDB vulnerability CVE-2010-4055 affects solidDB 6.5.0.3 and earlier. The issue arises from processing a TCP packet sent to port 1315 that contains many integer fields, which triggers many recursive calls and leads to excessive stack/memory consumption and a daemon crash (DoS). Connected N...
CVE-2013-3031
IBM solidDB stored procedure call handling vulnerability (CVE-2013-3031) affects the Universal Cache component. A SQL stored procedure call that includes named arguments and default parameter values but omits some expected arguments can be exploited by remote authenticated users to cause a denial...
CVE-2010-4056
IBM solidDB 6.5.0.3 and earlier are affected by CVE-2010-4056. The issue occurs when processing a TCP packet on port 1315 containing a single integer field, causing a NULL pointer dereference and daemon crash (remote denial of service). Multiple vulnerability feeds (NVD, OpenVAS, Nessus, etc.) co...
CVE-2010-4057
IBM solidDB 6.5.0.3 and earlier are affected by CVE-2010-4057, where receiving a TCP packet with many integer fields containing two different values triggers a recursive call leading to invalid memory access and a daemon crash (DoS) on port 1315. Affected versions include 6.5.0.3 and earlier; rem...
CVE-2010-2771
IBM SolidDB 'solid.exe' handshake vulnerability (CVE-2010-2771) affects SolidDB versions prior to 6.5 FP2 and allows remote code execution via a long username field in the first handshake packet. Multiple sources confirm a remote code execution impact, with OpenVAS citing SYSTEM-level privileges ...
CVE-2011-1208
The CVE-2011-1208 entry concerns IBM SolidDB. Affected versions include solidDB 4.5.x prior to 4.5.182, 6.0.x prior to 6.0.1069, 6.1.x, 6.3.x prior to 6.3 FP8 (6.3.49), and 6.5.x prior to 6.5 FP4 (6.5.0.4). The issue is a denial-of-service condition caused by improper handling of the rpc_test_svc...
CVE-2011-1560
IBM solidDB is affected by an authentication bypass when solid.exe (and related 4.5.181, 6.0.x <6.0.1067, 6.1.x, 6.3.x <6.3.47, and 6.5.x
CVE-2008-1705
CVE-2008-1705 affects IBM solidDB and its logging function. The vulnerability is a format string issue in the server’s log entry creation, allowing an unauthenticated remote attacker to craft input that is interpreted as format specifiers, enabling arbitrary code execution in the context of the l...
CVE-2012-0200
The CVE-2012-0200 entry affects IBM solidDB 6.5 prior to Interim Fix 6, where a flaw in handling SELECT statements with a redundant WHERE condition leads to a denial of service (daemon crash). Multiple connected sources corroborate a remote DoS vector tied to parsing/initialization issues (e.g., ...
CVE-2011-4890
IBM solidDB is affected on affected versions: 6.5 before FP9 and 7.0 before FP1. The issue is a denial-of-service condition where remote authenticated users can crash the daemon by sending a SELECT with a ROWNUM condition that uses a subquery. This is corroborated by multiple sources (OpenVAS/NAS...
CVE-2008-1706
CVE-2008-1706 affects IBM solidDB (versions 06.00.1018 and earlier). The issue is an uncontrolled array index in a 32-bit field that can be triggered by a large value, allowing remote attackers to cause a daemon crash (DoS). The connected documents provide the vulnerability description and affect...
CVE-2008-1708
IBM solidDB 06.00.1018 and earlier are affected: a memory-allocation field is not validated, enabling a remote attacker to cause a denial-of-service (daemon exit) by sending a packet with a large value. No remediation details are provided in the supplied documents. Monitor for updates and potenti...
CVE-2008-1707
IBM solidDB 06.00.1018 and earlier is affected by CVE-2008-1707. A remote attacker can trigger a denial of service through a crafted packet where the type field has value 0x11, causing a NULL pointer dereference and daemon crash. The available sources identify the affected product and the crash c...