CVE-2010-2159
Dameng DM Database Server - Remote Code Execution via SP_DEL_BAK_EXPIRED Procedure
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-2159. PoCs published by Shennan Wang HuaweiSymantec SRT.
AI-analyzed exploit summary This exploit demonstrates a remote memory-corruption vulnerability in DM Database Server via the 'CALL SP_DEL_BAK_EXPIRED' function. By passing a large string as the first argument, an attacker can trigger arbitrary code execution or cause a denial-of-service condition.
Description
Dameng DM Database Server allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors related to the SP_DEL_BAK_EXPIRED procedure in wdm_dll.dll, which triggers memory corruption.
Exploits (1)
This exploit demonstrates a remote memory-corruption vulnerability in DM Database Server via the 'CALL SP_DEL_BAK_EXPIRED' function. By passing a large string as the first argument, an attacker can trigger arbitrary code execution or cause a denial-of-service condition.