Ibm: >> Soliddb >> 6.3.56 Security Vulnerabilities
The server in IBM solidDB 6.5 before FP9 and 7.0 before FP1 allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a ROWNUM condition involving a subquery.
CVSS Score
4.0
EPSS Score
0.012
Published
2012-02-21
The server in IBM solidDB 6.5 before Interim Fix 6 does not properly initialize data structures, which allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a redundant WHERE condition.
CVSS Score
4.0
EPSS Score
0.075
Published
2012-02-21
Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 and earlier allows remote attackers to cause a denial of service (memory consumption and daemon crash) by connecting to TCP port 1315 and sending a packet with many integer fields, which trigger many recursive calls of a certain function.
CVSS Score
5.0
EPSS Score
0.189
Published
2010-10-23
solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing a single integer field, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TCP session on port 1315.
CVSS Score
5.0
EPSS Score
0.088
Published
2010-10-23
solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing many integer fields with two different values, which allows remote attackers to cause a denial of service (invalid memory access and daemon crash) via a TCP session on port 1315.
CVSS Score
5.0
EPSS Score
0.189
Published
2010-10-23
solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.
CVSS Score
10.0
EPSS Score
0.085
Published
2010-07-22