Soliddb@* Security Vulnerabilities and Issues — Soliddb@* CVE List

Lucene search

IbmSoliddb*

9 matches found

CVE•added 2010/10/23 8:39 p.m.•41 views

CVE-2010-4055

Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 and earlier allows remote attackers to cause a denial of service (memory consumption and daemon crash) by connecting to TCP port 1315 and sending a packet with many integer fields, which trigger many recursive calls of a certain fu...

5CVSS6.5AI score0.18912EPSS

CVE•added 2010/10/23 8:39 p.m.•36 views

CVE-2010-4057

solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing many integer fields with two different values, which allows remote attackers to cause a denial of service (invalid memory access and daemon crash) via ...

5CVSS6.5AI score0.18912EPSS

CVE•added 2010/07/22 5:43 a.m.•32 views

CVE-2010-2771

solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.

10CVSS7.7AI score0.08462EPSS

CVE•added 2010/10/23 8:39 p.m.•32 views

CVE-2010-4056

solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing a single integer field, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TCP session on por...

5CVSS6.5AI score0.08775EPSS

CVE•added 2011/04/05 3:19 p.m.•32 views

CVE-2011-1560

solid.exe in IBM solidDB before 4.5.181, 6.0.x before 6.0.1067, 6.1.x and 6.3.x before 6.3.47, and 6.5.x before 6.5.0.3 uses a password-hash length specified by the client, which allows remote attackers to bypass authentication via a short length value.

9.3CVSS6.8AI score0.00659EPSS

CVE•added 2012/02/21 1:31 p.m.•32 views

CVE-2012-0200

The server in IBM solidDB 6.5 before Interim Fix 6 does not properly initialize data structures, which allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a redundant WHERE condition.

4CVSS6.2AI score0.07488EPSS

CVE•added 2012/02/21 1:31 p.m.•31 views

CVE-2011-4890

The server in IBM solidDB 6.5 before FP9 and 7.0 before FP1 allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a ROWNUM condition involving a subquery.

4CVSS6.2AI score0.01177EPSS

CVE•added 2008/04/09 7:5 p.m.•28 views

CVE-2008-1708

IBM solidDB 06.00.1018 and earlier does not validate a certain field that specifies an amount of memory to allocate, which allows remote attackers to cause a denial of service (daemon exit) via a packet with a large value in this field.

4.3CVSS6.5AI score0.01169EPSS

CVE•added 2008/04/09 7:5 p.m.•25 views

CVE-2008-1707

IBM solidDB 06.00.1018 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a packet with an 0x11 value in a certain "type" field.

4.3CVSS6.5AI score0.01357EPSS