Summary
SAP MaxDB is prone to an unspecified remote code-execution vulnerability because it fails to sufficiently validate user- supplied input.
An attacker can leverage this issue to execute arbitrary code with SYSTEM-level privileges. Failed exploit attempts will result in a denial-of- service condition.
Solution
Updates are available
please contact the vendor for more information.
References
Severity
Classification
-
CVE CVE-2010-1185 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Oracle Database Server Multiple Unspecified Vulnerabilities-01 April2014
- Oracle Database Server Upgrade and Downgrade Component Multiple Vulnerabilities
- IBM DB2 Multiple Vulnerabilities (Oct10)
- IBM DB2 UDB Multiple Unspecified Vulnerabilities (Windows)
- MySQL 5.x Unspecified Buffer Overflow Vulnerability