IBM solidDB 6.30.0039 (6.3 Fix Pack 4)

CPE Details

IBM solidDB 6.30.0039 (6.3 Fix Pack 4)
ibm
soliddb
6.30.0039
2010-07-22
17h31 +00:00
2010-07-22
17h31 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:ibm:soliddb:6.30.0039:*:*:*:*:*:*:*

Informations

Vendor

ibm

Product

soliddb

Version

6.30.0039

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2011-1560 2011-04-05 13h00 +00:00 solid.exe in IBM solidDB before 4.5.181, 6.0.x before 6.0.1067, 6.1.x and 6.3.x before 6.3.47, and 6.5.x before 6.5.0.3 uses a password-hash length specified by the client, which allows remote attackers to bypass authentication via a short length value.
9.3
CVE-2010-4055 2010-10-22 20h00 +00:00 Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 and earlier allows remote attackers to cause a denial of service (memory consumption and daemon crash) by connecting to TCP port 1315 and sending a packet with many integer fields, which trigger many recursive calls of a certain function.
5
CVE-2010-4056 2010-10-22 20h00 +00:00 solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing a single integer field, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TCP session on port 1315.
5
CVE-2010-4057 2010-10-22 20h00 +00:00 solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing many integer fields with two different values, which allows remote attackers to cause a denial of service (invalid memory access and daemon crash) via a TCP session on port 1315.
5
CVE-2010-2771 2010-07-22 01h00 +00:00 solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.
10
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.