CVE-2010-4056

Name of the Vulnerable Software and Affected Versions IBM solidDB version 6.5.0.3 and earlier

Description The issue arises from improper handling of packet data in solid.exe, allowing remote attackers to cause a denial of service through a NULL pointer dereference and daemon crash. This can be achieved via a TCP session on port 1315 by sending packet data containing a single integer field, which triggers a recursive call to a certain function.

Recommendations For IBM solidDB version 6.5.0.3 and earlier, consider restricting access to port 1315 to minimize the risk of exploitation until a fix is available. As a temporary workaround, limiting the handling of packet data containing single integer fields may help mitigate the issue.