Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-4890

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2011-4890
Last Modified 09 Oct 2012 11:13:15
Published 21 Feb 2012 08:31:56
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2011-4890

Summary

The server in IBM solidDB 6.5 before FP9 and 7.0 before FP1 allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with a ROWNUM condition involving a subquery.

Vulnerable Systems

Application

  • Ibm Soliddb 6.5.0.0

  • Ibm Soliddb 6.5.0.1

  • Ibm Soliddb 6.5.0.2

  • Ibm Soliddb 6.5.0.3

  • Ibm Soliddb 6.5.0.4

  • Ibm Soliddb 6.5.0.5

  • Ibm Soliddb 6.5.0.6

  • Ibm Soliddb 6.5.0.7

  • Ibm Soliddb 6.5.0.8

  • Ibm Soliddb 7.0.0.0


References

XF - soliddb-rownum-dos(72651)

CONFIRM - http://www.ibm.com/support/docview.wss?uid=swg27021052

AIXAPAR - IC80675

AIXAPAR - IC79861

SECTRACK - 1026555

BID - 51629

CONFIRM - http://www-01.ibm.com/support/docview.wss?uid=swg27021052#if5

SECUNIA - 47654


Last Updated: 27 May 2016 10:58:18