CVE-2010-2771

Published: Jul 22, 2010Modified: Apr 29, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.

Affected (22)

Products: Ibm: Soliddb

1 product

Configuration A

22 vulnerable

Vulnerable Software	Affected Versions
Ibm Soliddb	Up to 6.5.0.1
Ibm Soliddb	Version 06.00.1018
Ibm Soliddb	Version 4.5.167
Ibm Soliddb	Version 4.5.168
Ibm Soliddb	Version 4.5.169
Ibm Soliddb	Version 4.5.173
Ibm Soliddb	Version 4.5.175
Ibm Soliddb	Version 4.5.176
Ibm Soliddb	Version 4.5.178
Ibm Soliddb	Version 6.0.1060
Ibm Soliddb	Version 6.0.1061
Ibm Soliddb	Version 6.0.1064
Ibm Soliddb	Version 6.0.1065
Ibm Soliddb	Version 6.0.1066
Ibm Soliddb	Version 6.1.20
Ibm Soliddb	Version 6.1
Ibm Soliddb	Version 6.3.33
Ibm Soliddb	Version 6.3.37
Ibm Soliddb	Version 6.30.0039
Ibm Soliddb	Version 6.30.0040
Ibm Soliddb	Version 6.30.0044
Ibm Soliddb	Version 6.5.0.0

Related CWEs

Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

References (8)

http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html

Source: cve@mitre.org

http://securitytracker.com/id?1024203

Source: cve@mitre.org

http://www.securityfocus.com/bid/41653

Source: cve@mitre.org

http://www.zerodayinitiative.com/advisories/ZDI-10-125/

Source: cve@mitre.org

http://publib.boulder.ibm.com/infocenter/soliddb/v6r5/index.jsp?topic=/com.ibm.swg.im.soliddb.common.doc/doc/detailed.list.fixes.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1024203

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/41653

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.zerodayinitiative.com/advisories/ZDI-10-125/

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.