CVE-2008-1705
First published: Wed Apr 09 2008(Updated: )
Format string vulnerability in the logging function in IBM solidDB 06.00.1018 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) user name, (2) peer name, and possibly unspecified other fields.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM solidDB | =06.00.1018 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://aluigi.altervista.org/adv/soliduro-adv.txt
- http://aluigi.org/poc/soliduro.zip
- http://securitytracker.com/id?1019721
- http://secunia.com/advisories/29512
- http://www.securityfocus.com/bid/28468
- http://www.vupen.com/english/advisories/2008/1038
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41485
- http://www.securityfocus.com/archive/1/490129/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/author
- agent/severity
- agent/references
- agent/weakness
- agent/type
- agent/event
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ibm
- canonical/ibm soliddb
- version/ibm soliddb/06.00.1018