Vulnerabilities > IBM > Soliddb > 4.5.169
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2012-02-21 | CVE-2012-0200 | Unspecified vulnerability in IBM Soliddb The server in IBM solidDB 6.5 before Interim Fix 6 does not properly initialize data structures, which allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a redundant WHERE condition. | 4.0 |
2012-02-21 | CVE-2011-4890 | Improper Input Validation vulnerability in IBM Soliddb The server in IBM solidDB 6.5 before FP9 and 7.0 before FP1 allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a ROWNUM condition involving a subquery. | 4.0 |
2011-05-05 | CVE-2011-1208 | Denial of Service vulnerability in IBM solidDB 'rpc_test_svc' Commands IBM solidDB 4.5.x before 4.5.182, 6.0.x before 6.0.1069, 6.1.x and 6.3.x before 6.3 FP8 (aka 6.3.49), and 6.5.x before 6.5 FP4 (aka 6.5.0.4) does not properly handle the (1) rpc_test_svc_readwrite and (2) rpc_test_svc_done commands, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted command. | 7.8 |
2011-04-05 | CVE-2011-1560 | Credentials Management vulnerability in IBM Soliddb solid.exe in IBM solidDB before 4.5.181, 6.0.x before 6.0.1067, 6.1.x and 6.3.x before 6.3.47, and 6.5.x before 6.5.0.3 uses a password-hash length specified by the client, which allows remote attackers to bypass authentication via a short length value. | 9.3 |
2010-10-23 | CVE-2010-4057 | Numeric Errors vulnerability in IBM Soliddb solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing many integer fields with two different values, which allows remote attackers to cause a denial of service (invalid memory access and daemon crash) via a TCP session on port 1315. | 5.0 |
2010-10-23 | CVE-2010-4056 | Denial-Of-Service vulnerability in solidDB solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing a single integer field, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TCP session on port 1315. | 5.0 |
2010-10-23 | CVE-2010-4055 | Resource Management Errors vulnerability in IBM Soliddb Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 and earlier allows remote attackers to cause a denial of service (memory consumption and daemon crash) by connecting to TCP port 1315 and sending a packet with many integer fields, which trigger many recursive calls of a certain function. | 5.0 |
2010-07-22 | CVE-2010-2771 | Code Injection vulnerability in IBM Soliddb solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet. | 10.0 |
2008-04-09 | CVE-2008-1708 | Resource Management Errors vulnerability in IBM Soliddb IBM solidDB 06.00.1018 and earlier does not validate a certain field that specifies an amount of memory to allocate, which allows remote attackers to cause a denial of service (daemon exit) via a packet with a large value in this field. | 4.3 |
2008-04-09 | CVE-2008-1707 | Resource Management Errors vulnerability in IBM Soliddb IBM solidDB 06.00.1018 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a packet with an 0x11 value in a certain "type" field. | 4.3 |