Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-4057

CWE-1894 documents4 sources
Severity
5.0MEDIUM
EPSS
18.9%
top 4.69%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
IBM Soliddb
Timeline
PublishedOct 23
Latest updateMay 17

Description

solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing many integer fields with two different values, which allows remote attackers to cause a denial of service (invalid memory access and daemon crash) via a TCP session on port 1315.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDibm/soliddb6.5.0.3+23

🔴Vulnerability Details

2
GHSA
GHSA-x7rm-43v9-j38p: solid2022-05-17
CVEList
CVE-2010-4057: solid2010-10-22

💥Exploits & PoCs

1
Exploit-DB
IBM solidDB 6.5.0.3 - Denial of Service2010-10-15
CVE-2010-4057 (MEDIUM CVSS 5) | solid.exe in IBM solidDB 6.5.0.3 an | cvebase.io