Summary
IBM SolidDB is prone to a remote code-execution vulnerability.
An attacker can exploit this issue to execute arbitrary code with SYSTEM user privileges. Failed exploit attempts will result in a denial-of- service condition.
The vulnerability is reported in version 6.5 FP1 (6.5.0.1). Prior versions may also be affected.
Solution
The vendor released updates to address this issue. Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2010-2771 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Oracle MySQL Server Multiple Vulnerabilities-01 Nov12 (Windows)
- Oracle Database Server Multiple Unspecified Vulnerabilities
- SAP MaxDB 'serv.exe' Unspecified Remote Code Execution Vulnerability
- IBM DB2 Audit Facility Local Privilege Escalation Vulnerability (Linux)
- Oracle Database Server 'RDBMS' component Denial of Service Vulnerability