Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-4055

CWE-3994 documents4 sources
Severity
5.0MEDIUM
EPSS
18.9%
top 4.69%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
IBM Soliddb
Timeline
PublishedOct 23
Latest updateMay 17

Description

Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 and earlier allows remote attackers to cause a denial of service (memory consumption and daemon crash) by connecting to TCP port 1315 and sending a packet with many integer fields, which trigger many recursive calls of a certain function.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/soliddb6.5.0.3+24

🔴Vulnerability Details

2
GHSA
GHSA-f7f9-2whw-qx53: Stack consumption vulnerability in solid2022-05-17
CVEList
CVE-2010-4055: Stack consumption vulnerability in solid2010-10-22

💥Exploits & PoCs

1
Exploit-DB
IBM solidDB 6.5.0.3 - Denial of Service2010-10-15
CVE-2010-4055 (MEDIUM CVSS 5) | Stack consumption vulnerability in | cvebase.io