CVE-2010-4057

EUVD-2010-4033
solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing many integer fields with two different values, which allows remote attackers to cause a denial of service (invalid memory access and daemon crash) via a TCP session on port 1315.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 95%
Affected Products (NVD)
VendorProductVersion
ibmsoliddb
𝑥
≤ 6.5.0.3
ibmsoliddb
4.5.167
ibmsoliddb
4.5.168
ibmsoliddb
4.5.169
ibmsoliddb
4.5.173
ibmsoliddb
4.5.175
ibmsoliddb
4.5.176
ibmsoliddb
4.5.178
ibmsoliddb
6.0.1060
ibmsoliddb
6.0.1061
ibmsoliddb
6.0.1064
ibmsoliddb
6.0.1065
ibmsoliddb
6.0.1066
ibmsoliddb
6.1
ibmsoliddb
6.1.20
ibmsoliddb
6.3.33
ibmsoliddb
6.3.37
ibmsoliddb
6.5.0.0
ibmsoliddb
6.5.0.1
ibmsoliddb
6.5.0.2
ibmsoliddb
6.30.0039
ibmsoliddb
6.30.0040
ibmsoliddb
6.30.0044
ibmsoliddb
06.30.0047
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://aluigi.altervista.org/adv/soliddb_1-adv.txt
http://secunia.com/advisories/41873
http://securitytracker.com/id?1024597
http://www.exploit-db.com/exploits/15261
http://www.vupen.com/english/advisories/2010/2715
https://exchange.xforce.ibmcloud.com/vulnerabilities/62590
http://aluigi.altervista.org/adv/soliddb_1-adv.txt
http://secunia.com/advisories/41873
http://securitytracker.com/id?1024597
http://www.exploit-db.com/exploits/15261
http://www.vupen.com/english/advisories/2010/2715
https://exchange.xforce.ibmcloud.com/vulnerabilities/62590