IBM SolidDB 'solid.exe' Handshake Remote Code Execution Vulnerability Network Vulnerability

Summary

IBM SolidDB is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute arbitrary code with SYSTEM user privileges. Failed exploit attempts will result in a denial-of- service condition. The vulnerability is reported in version 6.5 FP1 (6.5.0.1). Prior versions may also be affected.

Solution

The vendor released updates to address this issue. Please see the references for more information.

References

http://www.solidtech.com/en/products/relationaldatabasemanagementsoftware/embed.asp
http://www.zerodayinitiative.com/advisories/ZDI-10-125/
https://www.securityfocus.com/bid/41653

Updated on 2017-03-28

Severity

Classification

CVE CVE-2010-2771
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows)
IBM DB2 UTL_FILE Module Directory Traversal Vulnerability (Windows)
IBM DB2 Multiple Vulnerabilities (Oct10)
Oracle Database Server 'RDBMS' component Denial of Service Vulnerability
IBM DB2 Multiple Vulnerabilities (Sep10)

Take action and discover your vulnerabilities