Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-4056

4 documents4 sources
Severity
5.0MEDIUM
EPSS
8.8%
top 7.48%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
IBM Soliddb
Timeline
PublishedOct 23
Latest updateMay 17

Description

solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing a single integer field, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TCP session on port 1315.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/soliddb6.5.0.3+23

🔴Vulnerability Details

2
GHSA
GHSA-f7cj-p2gc-6mpq: solid2022-05-17
CVEList
CVE-2010-4056: solid2010-10-22

💥Exploits & PoCs

1
Exploit-DB
IBM solidDB 6.5.0.3 - Denial of Service2010-10-15
CVE-2010-4056 (MEDIUM CVSS 5) | solid.exe in IBM solidDB 6.5.0.3 an | cvebase.io