Search criteria
27 vulnerabilities found for interbase by borland_software
FKIE_CVE-2007-5243
Vulnerability from fkie_nvd - Published: 2007-10-06 17:17 - Updated: 2025-04-09 00:30
Severity ?
Summary
Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| borland_software | interbase | li_8.0.0.53 | |
| borland_software | interbase | li_8.0.0.54 | |
| borland_software | interbase | li_8.0.0.253 | |
| borland_software | interbase | wi-o6.0.1.6 | |
| borland_software | interbase | wi-o6.0.2.0 | |
| borland_software | interbase | wi-v5.1.1.680 | |
| borland_software | interbase | wi-v5.5.0.742 | |
| borland_software | interbase | wi-v6.0.0.627 | |
| borland_software | interbase | wi-v6.0.1.0 | |
| borland_software | interbase | wi-v6.0.1.6 | |
| borland_software | interbase | wi-v6.5.0.28 | |
| borland_software | interbase | wi-v7.0.1.1 | |
| borland_software | interbase | wi-v7.5.0.129 | |
| borland_software | interbase | wi-v7.5.1.80 | |
| borland_software | interbase | wi-v8.0.0.123 | |
| borland_software | interbase | wi_5.1.1.680 | |
| borland_software | interbase | wi_8.1.0.257 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:borland_software:interbase:li_8.0.0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "9ABE3AEC-7F64-4F08-9A72-80FB27A2098F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:li_8.0.0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "923EC354-2ECD-4E88-801C-B6DF1A8D36FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:li_8.0.0.253:*:*:*:*:*:*:*",
"matchCriteriaId": "59E79CC9-901D-4672-B792-2831578A8E2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:wi-o6.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "05D9F1B1-317B-485C-A4DC-990D7FAF415C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:wi-o6.0.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CDFDA90-D411-4EBF-AD75-A7144CCD0E31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:wi-v5.1.1.680:*:*:*:*:*:*:*",
"matchCriteriaId": "F7CFA605-B81A-4F5D-B0DD-011855D22D2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:wi-v5.5.0.742:*:*:*:*:*:*:*",
"matchCriteriaId": "24DDABB7-7F79-4661-A169-36997CAC84DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:wi-v6.0.0.627:*:*:*:*:*:*:*",
"matchCriteriaId": "9AD640BD-5008-4EB2-81C2-B1C630911ABB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:wi-v6.0.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "62225C4F-314E-454E-A1D2-F3CEAFBA18EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:wi-v6.0.1.6:*:*:*:*:*:*:*",
"matchCriteriaId": "7044E7E1-0B98-48D2-B230-122F62FD67A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:wi-v6.5.0.28:*:*:*:*:*:*:*",
"matchCriteriaId": "1A5BBF7F-EF91-45E4-A052-DF29DA09EA57",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:wi-v7.0.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6870F9A0-4804-4D6C-8FDC-D7247B69949D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:wi-v7.5.0.129:*:*:*:*:*:*:*",
"matchCriteriaId": "0B7F19E3-0E84-412D-9642-7E8BB23AE75B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:wi-v7.5.1.80:*:*:*:*:*:*:*",
"matchCriteriaId": "D70BE93B-CC19-44B3-AFED-46A8BC317031",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:wi-v8.0.0.123:*:*:*:*:*:*:*",
"matchCriteriaId": "E3AC69EC-523B-4323-ADCC-3CC1D01730F4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:wi_5.1.1.680:*:*:*:*:*:*:*",
"matchCriteriaId": "83C962E2-08ED-4AE0-8D6B-D2E7D94331A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:wi_8.1.0.257:*:*:*:*:*:*:*",
"matchCriteriaId": "320770C5-0EB2-4DA9-A3F6-08D557FCA7EE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function."
},
{
"lang": "es",
"value": "M\u00faltiples desbordamientos de b\u00fafer basados en pila en Borland InterBase LI 8.0.0.53 hasta 8.1.0.253, y WI 5.1.1.680 hasta 8.1.0.257, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante (1) una petici\u00f3n larga de anexi\u00f3n a servicio en el puerto TCP 3050 a las funciones (a) SVC_attach o (b) INET_connect, (2) una petici\u00f3n larga de creaci\u00f3n en el puerto TCP 3050 a las funciones (c) isc_create_database o (d) jrd8_create_database, (3) una petici\u00f3n de anexi\u00f3n larga en el puerto TCP 3050 a las funciones (e) isc_attach_database o (f) PWD_db_aliased, o vectores no especificados que involucran a las funciones (4) jrd8_attach_database o (5) expand_filename2."
}
],
"evaluatorComment": "More information about this vulnerability can be found at: \r\nhttp://www.securitytracker.com/alerts/2007/Oct/1018772.html",
"id": "CVE-2007-5243",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-06T17:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/38605"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/38606"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/38607"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/38608"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/38609"
},
{
"source": "cve@mitre.org",
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"source": "cve@mitre.org",
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"source": "cve@mitre.org",
"url": "http://risesecurity.org/exploit/10/"
},
{
"source": "cve@mitre.org",
"url": "http://risesecurity.org/exploit/12/"
},
{
"source": "cve@mitre.org",
"url": "http://risesecurity.org/exploit/13/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://risesecurity.org/exploit/14/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://risesecurity.org/exploit/15/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://risesecurity.org/exploit/9/"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27058"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/25917"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018772"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/38605"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/38606"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/38607"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/38608"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/38609"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://risesecurity.org/exploit/10/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://risesecurity.org/exploit/12/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://risesecurity.org/exploit/13/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://risesecurity.org/exploit/14/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://risesecurity.org/exploit/15/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://risesecurity.org/exploit/9/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/25917"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-5244
Vulnerability from fkie_nvd - Published: 2007-10-06 17:17 - Updated: 2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| borland_software | interbase | li_8.0.0.53 | |
| borland_software | interbase | li_8.0.0.54 | |
| borland_software | interbase | li_8.0.0.253 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:borland_software:interbase:li_8.0.0.53:*:*:*:*:*:*:*",
"matchCriteriaId": "9ABE3AEC-7F64-4F08-9A72-80FB27A2098F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:li_8.0.0.54:*:*:*:*:*:*:*",
"matchCriteriaId": "923EC354-2ECD-4E88-801C-B6DF1A8D36FA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:li_8.0.0.253:*:*:*:*:*:*:*",
"matchCriteriaId": "59E79CC9-901D-4672-B792-2831578A8E2B",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en Borland InterBase LI 8.0.0.53 hasta la 8.1.0.253 sobre Linux, y posiblemente en versiones no especificadas sobre Solaris, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de una respuesta adjunta larga sobre el puerto TCP 3050 en la funci\u00f3n open_marker_file."
}
],
"id": "CVE-2007-5244",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-06T17:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/38610"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://risesecurity.org/exploit/11/"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27058"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/25917"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018772"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/38610"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://risesecurity.org/exploit/11/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27058"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/25917"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018772"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2007-3566
Vulnerability from fkie_nvd - Published: 2007-07-26 18:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| borland_software | interbase | 2007 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:borland_software:interbase:2007:*:*:*:*:*:*:*",
"matchCriteriaId": "2F596DE6-552E-4448-AFFF-165C554A8D28",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en el servicio de base de datos (ibserver.exe) del Borland InterBase 2007 anterior al SP2 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un valor de tama\u00f1o grande en una petici\u00f3n \"create\" al puerto 3050/tcp."
}
],
"id": "CVE-2007-3566",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-07-26T18:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13"
},
{
"source": "cve@mitre.org",
"url": "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered"
},
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/38602"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26189"
},
{
"source": "cve@mitre.org",
"url": "http://securityreason.com/securityalert/2929"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.codegear.com/downloads/regusers/interbase"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/474561/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/25048"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018451"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/2642"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/38602"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/26189"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/2929"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.codegear.com/downloads/regusers/interbase"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/474561/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/25048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018451"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/2642"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35574"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-2043
Vulnerability from fkie_nvd - Published: 2004-05-01 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| borland_software | interbase | 4.0 | |
| borland_software | interbase | 5.0 | |
| borland_software | interbase | 6.0 | |
| borland_software | interbase | 6.4 | |
| borland_software | interbase | 6.5 | |
| borland_software | interbase | 7.0 | |
| borland_software | interbase | 7.1 | |
| borland_software | interbase_superserver | 6.0 | |
| firebirdsql | firebird | 1.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:borland_software:interbase:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E61E2866-38F1-45C0-8B5D-A07CA430BDDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D2666FC-B03C-47A5-BA04-A08DC28C7C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE98699-E21E-4D1C-BD43-F7F62D9AE7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42F1460E-CA94-4D7D-9799-F763221DBF4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9547CEC2-B180-4BFF-A5FF-DE8D2ABB8986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D724271B-3747-4C65-BC90-D0F7B89F996B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B705544-E282-4791-B4F9-0865D57E2747",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase_superserver:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1DB0894E-F477-45F1-902B-D87C4E2291BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:firebirdsql:firebird:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "78A133F6-268F-4765-98E9-A910FC9F4926",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command."
}
],
"id": "CVE-2004-2043",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-05-01T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0027.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=108611386202493\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11756"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/19350"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1010381"
},
{
"source": "cve@mitre.org",
"url": "http://www.debian.org/security/2006/dsa-1014"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.osvdb.org/6408"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/6624"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securiteam.com/unixfocus/5AP0P0UCUO.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10446"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16229"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0027.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=108611386202493\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11756"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/19350"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1010381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.debian.org/security/2006/dsa-1014"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.osvdb.org/6408"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/6624"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securiteam.com/unixfocus/5AP0P0UCUO.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/10446"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16229"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16316"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-1833
Vulnerability from fkie_nvd - Published: 2004-03-20 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| borland_software | interbase | 4.0 | |
| borland_software | interbase | 5.0 | |
| borland_software | interbase | 6.0 | |
| borland_software | interbase | 6.4 | |
| borland_software | interbase | 6.5 | |
| borland_software | interbase | 7.0 | |
| borland_software | interbase | 7.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:borland_software:interbase:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E61E2866-38F1-45C0-8B5D-A07CA430BDDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D2666FC-B03C-47A5-BA04-A08DC28C7C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE98699-E21E-4D1C-BD43-F7F62D9AE7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42F1460E-CA94-4D7D-9799-F763221DBF4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9547CEC2-B180-4BFF-A5FF-DE8D2ABB8986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D724271B-3747-4C65-BC90-D0F7B89F996B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "5B705544-E282-4791-B4F9-0865D57E2747",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges."
}
],
"id": "CVE-2004-1833",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-03-20T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11172"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1009500"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=80\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.osvdb.org/4381"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9929"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/11172"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://securitytracker.com/id?1009500"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.idefense.com/application/poi/display?id=80\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.osvdb.org/4381"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9929"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15546"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2003-0197
Vulnerability from fkie_nvd - Published: 2003-04-11 04:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| borland_software | interbase | 6.0 | |
| borland_software | interbase | 6.4 | |
| borland_software | interbase | 6.5 | |
| firebirdsql | firebird | 1.0.2 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:borland_software:interbase:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE98699-E21E-4D1C-BD43-F7F62D9AE7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:6.4:*:*:*:*:*:*:*",
"matchCriteriaId": "42F1460E-CA94-4D7D-9799-F763221DBF4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9547CEC2-B180-4BFF-A5FF-DE8D2ABB8986",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:firebirdsql:firebird:1.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "41AB209A-D17F-4848-8353-66DEFC21DA55",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK)."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer gds_lock_mgr de Interbase Database 6.x permite a usuarios locales la obtenci\u00f3n de privilegios mediante una variable de entorno ISC_LOCK_ENV larga. (INTERBASE_LOCK)."
}
],
"id": "CVE-2003-0197",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-04-11T04:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0003.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=104940730819887\u0026w=2"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0003.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=104940730819887\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2002-1514
Vulnerability from fkie_nvd - Published: 2003-04-02 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://archives.neohapsis.com/archives/bugtraq/2002-09/0311.html | Exploit, Vendor Advisory | |
| cve@mitre.org | http://www.iss.net/security_center/static/10196.php | Vendor Advisory | |
| cve@mitre.org | http://www.securityfocus.com/bid/5805 | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://archives.neohapsis.com/archives/bugtraq/2002-09/0311.html | Exploit, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.iss.net/security_center/static/10196.php | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/5805 | Exploit, Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| borland_software | interbase | 4.0 | |
| borland_software | interbase | 5.0 | |
| borland_software | interbase | 6.0 | |
| borland_software | interbase | 6.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:borland_software:interbase:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E61E2866-38F1-45C0-8B5D-A07CA430BDDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D2666FC-B03C-47A5-BA04-A08DC28C7C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE98699-E21E-4D1C-BD43-F7F62D9AE7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:6.5:*:*:*:*:*:*:*",
"matchCriteriaId": "9547CEC2-B180-4BFF-A5FF-DE8D2ABB8986",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a \"isc_init1.X\" temporary file, as demonstrated by modifying the xinetdbd file."
}
],
"id": "CVE-2002-1514",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2003-04-02T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0311.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10196.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5805"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0311.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.iss.net/security_center/static/10196.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/5805"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2002-2087
Vulnerability from fkie_nvd - Published: 2002-12-31 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| borland_software | interbase | 6.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:borland_software:interbase:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE98699-E21E-4D1C-BD43-F7F62D9AE7BF",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server."
}
],
"id": "CVE-2002-2087",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/06/msg00222.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.iss.net/security_center/static/9392.php"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/5044"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/5046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Vendor Advisory"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/06/msg00222.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.iss.net/security_center/static/9392.php"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/5044"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/5046"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2001-0008
Vulnerability from fkie_nvd - Published: 2001-02-12 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | http://www.cert.org/advisories/CA-2001-01.html | Patch, Third Party Advisory, US Government Resource | |
| cve@mitre.org | http://www.securityfocus.com/bid/2192 | Exploit, Patch, Vendor Advisory | |
| cve@mitre.org | https://exchange.xforce.ibmcloud.com/vulnerabilities/5911 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.cert.org/advisories/CA-2001-01.html | Patch, Third Party Advisory, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/2192 | Exploit, Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://exchange.xforce.ibmcloud.com/vulnerabilities/5911 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| borland_software | interbase | 4.0 | |
| borland_software | interbase | 5.0 | |
| borland_software | interbase | 6.0 | |
| firebirdsql | firebird | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:borland_software:interbase:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E61E2866-38F1-45C0-8B5D-A07CA430BDDB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0D2666FC-B03C-47A5-BA04-A08DC28C7C73",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:borland_software:interbase:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "5FE98699-E21E-4D1C-BD43-F7F62D9AE7BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:firebirdsql:firebird:*:*:*:*:*:*:*:*",
"matchCriteriaId": "223711C1-58BB-4755-8848-170CB3FF81E8",
"versionEndIncluding": "0.9.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures."
}
],
"id": "CVE-2001-0008",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2001-02-12T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2001-01.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2192"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5911"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.cert.org/advisories/CA-2001-01.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/2192"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5911"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2007-5243 (GCVE-0-2007-5243)
Vulnerability from cvelistv5 – Published: 2007-10-06 17:00 – Updated: 2024-08-07 15:24
VLAI?
Summary
Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:42.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25917",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25917"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018772"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/10/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/9/"
},
{
"name": "38607",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38607"
},
{
"name": "38609",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38609"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/13/"
},
{
"name": "ADV-2007-3381",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "38606",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38606"
},
{
"name": "borland-multiple-functions-bo(36956)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/15/"
},
{
"name": "38608",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38608"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/14/"
},
{
"name": "27058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27058"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/12/"
},
{
"name": "38605",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38605"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25917",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25917"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018772"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/10/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/9/"
},
{
"name": "38607",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38607"
},
{
"name": "38609",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38609"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/13/"
},
{
"name": "ADV-2007-3381",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "38606",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38606"
},
{
"name": "borland-multiple-functions-bo(36956)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/15/"
},
{
"name": "38608",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38608"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/14/"
},
{
"name": "27058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27058"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/12/"
},
{
"name": "38605",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38605"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5243",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25917",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25917"
},
{
"name": "http://risesecurity.org/blog/entry/3/",
"refsource": "MISC",
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018772"
},
{
"name": "http://risesecurity.org/exploit/10/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/10/"
},
{
"name": "http://risesecurity.org/exploit/9/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/9/"
},
{
"name": "38607",
"refsource": "OSVDB",
"url": "http://osvdb.org/38607"
},
{
"name": "38609",
"refsource": "OSVDB",
"url": "http://osvdb.org/38609"
},
{
"name": "http://risesecurity.org/exploit/13/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/13/"
},
{
"name": "ADV-2007-3381",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "38606",
"refsource": "OSVDB",
"url": "http://osvdb.org/38606"
},
{
"name": "borland-multiple-functions-bo(36956)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"name": "http://risesecurity.org/exploit/15/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/15/"
},
{
"name": "38608",
"refsource": "OSVDB",
"url": "http://osvdb.org/38608"
},
{
"name": "http://risesecurity.org/advisory/RISE-2007002/",
"refsource": "MISC",
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"name": "http://risesecurity.org/exploit/14/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/14/"
},
{
"name": "27058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27058"
},
{
"name": "http://risesecurity.org/exploit/12/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/12/"
},
{
"name": "38605",
"refsource": "OSVDB",
"url": "http://osvdb.org/38605"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5243",
"datePublished": "2007-10-06T17:00:00",
"dateReserved": "2007-10-06T00:00:00",
"dateUpdated": "2024-08-07T15:24:42.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5244 (GCVE-0-2007-5244)
Vulnerability from cvelistv5 – Published: 2007-10-06 17:00 – Updated: 2024-08-07 15:24
VLAI?
Summary
Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:42.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25917",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25917"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018772"
},
{
"name": "ADV-2007-3381",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "borland-multiple-functions-bo(36956)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"name": "38610",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38610"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/11/"
},
{
"name": "27058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25917",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25917"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018772"
},
{
"name": "ADV-2007-3381",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "borland-multiple-functions-bo(36956)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"name": "38610",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38610"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/11/"
},
{
"name": "27058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25917",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25917"
},
{
"name": "http://risesecurity.org/blog/entry/3/",
"refsource": "MISC",
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018772"
},
{
"name": "ADV-2007-3381",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "borland-multiple-functions-bo(36956)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"name": "38610",
"refsource": "OSVDB",
"url": "http://osvdb.org/38610"
},
{
"name": "http://risesecurity.org/advisory/RISE-2007002/",
"refsource": "MISC",
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"name": "http://risesecurity.org/exploit/11/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/11/"
},
{
"name": "27058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5244",
"datePublished": "2007-10-06T17:00:00",
"dateReserved": "2007-10-06T00:00:00",
"dateUpdated": "2024-08-07T15:24:42.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3566 (GCVE-0-2007-3566)
Vulnerability from cvelistv5 – Published: 2007-07-26 18:00 – Updated: 2024-08-07 14:21
VLAI?
Summary
Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:21:36.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "interbase-create-bo(35574)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35574"
},
{
"name": "20070724 TPTI-07-13: Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474561/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13"
},
{
"name": "26189",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26189"
},
{
"name": "25048",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25048"
},
{
"name": "ADV-2007-2642",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2642"
},
{
"name": "2929",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2929"
},
{
"name": "1018451",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018451"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered"
},
{
"name": "38602",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38602"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.codegear.com/downloads/regusers/interbase"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "interbase-create-bo(35574)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35574"
},
{
"name": "20070724 TPTI-07-13: Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474561/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13"
},
{
"name": "26189",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26189"
},
{
"name": "25048",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25048"
},
{
"name": "ADV-2007-2642",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2642"
},
{
"name": "2929",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2929"
},
{
"name": "1018451",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018451"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered"
},
{
"name": "38602",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38602"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.codegear.com/downloads/regusers/interbase"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3566",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "interbase-create-bo(35574)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35574"
},
{
"name": "20070724 TPTI-07-13: Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474561/100/0/threaded"
},
{
"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13"
},
{
"name": "26189",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26189"
},
{
"name": "25048",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25048"
},
{
"name": "ADV-2007-2642",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2642"
},
{
"name": "2929",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2929"
},
{
"name": "1018451",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018451"
},
{
"name": "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered"
},
{
"name": "38602",
"refsource": "OSVDB",
"url": "http://osvdb.org/38602"
},
{
"name": "http://www.codegear.com/downloads/regusers/interbase",
"refsource": "MISC",
"url": "http://www.codegear.com/downloads/regusers/interbase"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3566",
"datePublished": "2007-07-26T18:00:00",
"dateReserved": "2007-07-05T00:00:00",
"dateUpdated": "2024-08-07T14:21:36.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2087 (GCVE-0-2002-2087)
Vulnerability from cvelistv5 – Published: 2005-08-05 04:00 – Updated: 2024-09-16 22:13
VLAI?
Summary
Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:17.491Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020618 Interbase 6.0 malloc() issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/06/msg00222.html"
},
{
"name": "5046",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5046"
},
{
"name": "5044",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5044"
},
{
"name": "interbase-interbase-variable-bo(9392)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9392.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-08-05T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020618 Interbase 6.0 malloc() issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/06/msg00222.html"
},
{
"name": "5046",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5046"
},
{
"name": "5044",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5044"
},
{
"name": "interbase-interbase-variable-bo(9392)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9392.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2087",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020618 Interbase 6.0 malloc() issues",
"refsource": "BUGTRAQ",
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/06/msg00222.html"
},
{
"name": "5046",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5046"
},
{
"name": "5044",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5044"
},
{
"name": "interbase-interbase-variable-bo(9392)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9392.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2087",
"datePublished": "2005-08-05T04:00:00Z",
"dateReserved": "2005-08-05T00:00:00Z",
"dateUpdated": "2024-09-16T22:13:59.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2043 (GCVE-0-2004-2043)
Vulnerability from cvelistv5 – Published: 2005-05-10 04:00 – Updated: 2024-08-08 01:15
VLAI?
Summary
Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:15:01.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1014",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1014"
},
{
"name": "firebird-database-name-bo(16229)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16229"
},
{
"name": "19350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19350"
},
{
"name": "20040601 Firebird Database Remote Database Name Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108611386202493\u0026w=2"
},
{
"name": "6624",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6624"
},
{
"name": "20040602 Firebird [ AND Interbase 7 ] Database Remote Database Name Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0027.html"
},
{
"name": "interbase-database-name-bo(16316)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16316"
},
{
"name": "10446",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10446"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/unixfocus/5AP0P0UCUO.html"
},
{
"name": "1010381",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1010381"
},
{
"name": "6408",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6408"
},
{
"name": "11756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11756"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-1014",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1014"
},
{
"name": "firebird-database-name-bo(16229)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16229"
},
{
"name": "19350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19350"
},
{
"name": "20040601 Firebird Database Remote Database Name Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108611386202493\u0026w=2"
},
{
"name": "6624",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6624"
},
{
"name": "20040602 Firebird [ AND Interbase 7 ] Database Remote Database Name Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0027.html"
},
{
"name": "interbase-database-name-bo(16316)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16316"
},
{
"name": "10446",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10446"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/unixfocus/5AP0P0UCUO.html"
},
{
"name": "1010381",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1010381"
},
{
"name": "6408",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6408"
},
{
"name": "11756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11756"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2043",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1014",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1014"
},
{
"name": "firebird-database-name-bo(16229)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16229"
},
{
"name": "19350",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19350"
},
{
"name": "20040601 Firebird Database Remote Database Name Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108611386202493\u0026w=2"
},
{
"name": "6624",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6624"
},
{
"name": "20040602 Firebird [ AND Interbase 7 ] Database Remote Database Name Overflow",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0027.html"
},
{
"name": "interbase-database-name-bo(16316)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16316"
},
{
"name": "10446",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10446"
},
{
"name": "http://www.securiteam.com/unixfocus/5AP0P0UCUO.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/unixfocus/5AP0P0UCUO.html"
},
{
"name": "1010381",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1010381"
},
{
"name": "6408",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6408"
},
{
"name": "11756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11756"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2043",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:15:01.209Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1833 (GCVE-0-2004-1833)
Vulnerability from cvelistv5 – Published: 2005-05-10 04:00 – Updated: 2024-08-08 01:07
VLAI?
Summary
The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:07:48.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4381",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4381"
},
{
"name": "1009500",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1009500"
},
{
"name": "9929",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9929"
},
{
"name": "20040319 Borland Interbase admin.ib Administrative Access Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=80\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "11172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11172"
},
{
"name": "interbase-admin-gain-privileges(15546)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15546"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4381",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4381"
},
{
"name": "1009500",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1009500"
},
{
"name": "9929",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9929"
},
{
"name": "20040319 Borland Interbase admin.ib Administrative Access Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=80\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "11172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11172"
},
{
"name": "interbase-admin-gain-privileges(15546)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15546"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1833",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4381",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4381"
},
{
"name": "1009500",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1009500"
},
{
"name": "9929",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9929"
},
{
"name": "20040319 Borland Interbase admin.ib Administrative Access Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=80\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "11172",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11172"
},
{
"name": "interbase-admin-gain-privileges(15546)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15546"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1833",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:07:48.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1514 (GCVE-0-2002-1514)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:26
VLAI?
Summary
gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:26:28.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "interbase-gdslockmgr-bo(10196)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10196.php"
},
{
"name": "20020925 Borland Interbase local root exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0311.html"
},
{
"name": "5805",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5805"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a \"isc_init1.X\" temporary file, as demonstrated by modifying the xinetdbd file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-21T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "interbase-gdslockmgr-bo(10196)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10196.php"
},
{
"name": "20020925 Borland Interbase local root exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0311.html"
},
{
"name": "5805",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5805"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1514",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a \"isc_init1.X\" temporary file, as demonstrated by modifying the xinetdbd file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "interbase-gdslockmgr-bo(10196)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10196.php"
},
{
"name": "20020925 Borland Interbase local root exploit",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0311.html"
},
{
"name": "5805",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5805"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1514",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-02-23T00:00:00",
"dateUpdated": "2024-08-08T03:26:28.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0197 (GCVE-0-2003-0197)
Vulnerability from cvelistv5 – Published: 2003-04-08 04:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104940730819887\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt"
},
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104940730819887\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt"
},
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0197",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104940730819887\u0026w=2"
},
{
"name": "http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt",
"refsource": "MISC",
"url": "http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt"
},
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0197",
"datePublished": "2003-04-08T04:00:00",
"dateReserved": "2003-04-03T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0008 (GCVE-0-2001-0008)
Vulnerability from cvelistv5 – Published: 2001-05-07 04:00 – Updated: 2024-08-08 04:06
VLAI?
Summary
Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:06:54.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "interbase-backdoor-account(5911)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5911"
},
{
"name": "2192",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2192"
},
{
"name": "CA-2001-01",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2001-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "interbase-backdoor-account(5911)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5911"
},
{
"name": "2192",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2192"
},
{
"name": "CA-2001-01",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2001-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "interbase-backdoor-account(5911)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5911"
},
{
"name": "2192",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2192"
},
{
"name": "CA-2001-01",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2001-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0008",
"datePublished": "2001-05-07T04:00:00",
"dateReserved": "2001-01-10T00:00:00",
"dateUpdated": "2024-08-08T04:06:54.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5243 (GCVE-0-2007-5243)
Vulnerability from nvd – Published: 2007-10-06 17:00 – Updated: 2024-08-07 15:24
VLAI?
Summary
Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:42.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25917",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25917"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018772"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/10/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/9/"
},
{
"name": "38607",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38607"
},
{
"name": "38609",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38609"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/13/"
},
{
"name": "ADV-2007-3381",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "38606",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38606"
},
{
"name": "borland-multiple-functions-bo(36956)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/15/"
},
{
"name": "38608",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38608"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/14/"
},
{
"name": "27058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27058"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/12/"
},
{
"name": "38605",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38605"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25917",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25917"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018772"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/10/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/9/"
},
{
"name": "38607",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38607"
},
{
"name": "38609",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38609"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/13/"
},
{
"name": "ADV-2007-3381",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "38606",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38606"
},
{
"name": "borland-multiple-functions-bo(36956)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/15/"
},
{
"name": "38608",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38608"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/14/"
},
{
"name": "27058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27058"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/12/"
},
{
"name": "38605",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38605"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5243",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25917",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25917"
},
{
"name": "http://risesecurity.org/blog/entry/3/",
"refsource": "MISC",
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018772"
},
{
"name": "http://risesecurity.org/exploit/10/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/10/"
},
{
"name": "http://risesecurity.org/exploit/9/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/9/"
},
{
"name": "38607",
"refsource": "OSVDB",
"url": "http://osvdb.org/38607"
},
{
"name": "38609",
"refsource": "OSVDB",
"url": "http://osvdb.org/38609"
},
{
"name": "http://risesecurity.org/exploit/13/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/13/"
},
{
"name": "ADV-2007-3381",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "38606",
"refsource": "OSVDB",
"url": "http://osvdb.org/38606"
},
{
"name": "borland-multiple-functions-bo(36956)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"name": "http://risesecurity.org/exploit/15/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/15/"
},
{
"name": "38608",
"refsource": "OSVDB",
"url": "http://osvdb.org/38608"
},
{
"name": "http://risesecurity.org/advisory/RISE-2007002/",
"refsource": "MISC",
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"name": "http://risesecurity.org/exploit/14/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/14/"
},
{
"name": "27058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27058"
},
{
"name": "http://risesecurity.org/exploit/12/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/12/"
},
{
"name": "38605",
"refsource": "OSVDB",
"url": "http://osvdb.org/38605"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5243",
"datePublished": "2007-10-06T17:00:00",
"dateReserved": "2007-10-06T00:00:00",
"dateUpdated": "2024-08-07T15:24:42.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5244 (GCVE-0-2007-5244)
Vulnerability from nvd – Published: 2007-10-06 17:00 – Updated: 2024-08-07 15:24
VLAI?
Summary
Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:42.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25917",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25917"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018772"
},
{
"name": "ADV-2007-3381",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "borland-multiple-functions-bo(36956)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"name": "38610",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38610"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/11/"
},
{
"name": "27058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25917",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25917"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018772"
},
{
"name": "ADV-2007-3381",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "borland-multiple-functions-bo(36956)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"name": "38610",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38610"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/11/"
},
{
"name": "27058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25917",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25917"
},
{
"name": "http://risesecurity.org/blog/entry/3/",
"refsource": "MISC",
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018772"
},
{
"name": "ADV-2007-3381",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "borland-multiple-functions-bo(36956)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"name": "38610",
"refsource": "OSVDB",
"url": "http://osvdb.org/38610"
},
{
"name": "http://risesecurity.org/advisory/RISE-2007002/",
"refsource": "MISC",
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"name": "http://risesecurity.org/exploit/11/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/11/"
},
{
"name": "27058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5244",
"datePublished": "2007-10-06T17:00:00",
"dateReserved": "2007-10-06T00:00:00",
"dateUpdated": "2024-08-07T15:24:42.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3566 (GCVE-0-2007-3566)
Vulnerability from nvd – Published: 2007-07-26 18:00 – Updated: 2024-08-07 14:21
VLAI?
Summary
Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:21:36.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "interbase-create-bo(35574)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35574"
},
{
"name": "20070724 TPTI-07-13: Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474561/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13"
},
{
"name": "26189",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26189"
},
{
"name": "25048",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25048"
},
{
"name": "ADV-2007-2642",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2642"
},
{
"name": "2929",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2929"
},
{
"name": "1018451",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018451"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered"
},
{
"name": "38602",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38602"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.codegear.com/downloads/regusers/interbase"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "interbase-create-bo(35574)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35574"
},
{
"name": "20070724 TPTI-07-13: Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474561/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13"
},
{
"name": "26189",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26189"
},
{
"name": "25048",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25048"
},
{
"name": "ADV-2007-2642",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2642"
},
{
"name": "2929",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2929"
},
{
"name": "1018451",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018451"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered"
},
{
"name": "38602",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38602"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.codegear.com/downloads/regusers/interbase"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3566",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "interbase-create-bo(35574)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35574"
},
{
"name": "20070724 TPTI-07-13: Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474561/100/0/threaded"
},
{
"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13"
},
{
"name": "26189",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26189"
},
{
"name": "25048",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25048"
},
{
"name": "ADV-2007-2642",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2642"
},
{
"name": "2929",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2929"
},
{
"name": "1018451",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018451"
},
{
"name": "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered"
},
{
"name": "38602",
"refsource": "OSVDB",
"url": "http://osvdb.org/38602"
},
{
"name": "http://www.codegear.com/downloads/regusers/interbase",
"refsource": "MISC",
"url": "http://www.codegear.com/downloads/regusers/interbase"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3566",
"datePublished": "2007-07-26T18:00:00",
"dateReserved": "2007-07-05T00:00:00",
"dateUpdated": "2024-08-07T14:21:36.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2087 (GCVE-0-2002-2087)
Vulnerability from nvd – Published: 2005-08-05 04:00 – Updated: 2024-09-16 22:13
VLAI?
Summary
Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:17.491Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020618 Interbase 6.0 malloc() issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/06/msg00222.html"
},
{
"name": "5046",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5046"
},
{
"name": "5044",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5044"
},
{
"name": "interbase-interbase-variable-bo(9392)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9392.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-08-05T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020618 Interbase 6.0 malloc() issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/06/msg00222.html"
},
{
"name": "5046",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5046"
},
{
"name": "5044",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5044"
},
{
"name": "interbase-interbase-variable-bo(9392)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9392.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2087",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020618 Interbase 6.0 malloc() issues",
"refsource": "BUGTRAQ",
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/06/msg00222.html"
},
{
"name": "5046",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5046"
},
{
"name": "5044",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5044"
},
{
"name": "interbase-interbase-variable-bo(9392)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9392.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2087",
"datePublished": "2005-08-05T04:00:00Z",
"dateReserved": "2005-08-05T00:00:00Z",
"dateUpdated": "2024-09-16T22:13:59.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2043 (GCVE-0-2004-2043)
Vulnerability from nvd – Published: 2005-05-10 04:00 – Updated: 2024-08-08 01:15
VLAI?
Summary
Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:15:01.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1014",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1014"
},
{
"name": "firebird-database-name-bo(16229)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16229"
},
{
"name": "19350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19350"
},
{
"name": "20040601 Firebird Database Remote Database Name Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108611386202493\u0026w=2"
},
{
"name": "6624",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6624"
},
{
"name": "20040602 Firebird [ AND Interbase 7 ] Database Remote Database Name Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0027.html"
},
{
"name": "interbase-database-name-bo(16316)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16316"
},
{
"name": "10446",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10446"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/unixfocus/5AP0P0UCUO.html"
},
{
"name": "1010381",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1010381"
},
{
"name": "6408",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6408"
},
{
"name": "11756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11756"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-1014",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1014"
},
{
"name": "firebird-database-name-bo(16229)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16229"
},
{
"name": "19350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19350"
},
{
"name": "20040601 Firebird Database Remote Database Name Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108611386202493\u0026w=2"
},
{
"name": "6624",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6624"
},
{
"name": "20040602 Firebird [ AND Interbase 7 ] Database Remote Database Name Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0027.html"
},
{
"name": "interbase-database-name-bo(16316)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16316"
},
{
"name": "10446",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10446"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/unixfocus/5AP0P0UCUO.html"
},
{
"name": "1010381",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1010381"
},
{
"name": "6408",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6408"
},
{
"name": "11756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11756"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2043",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1014",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1014"
},
{
"name": "firebird-database-name-bo(16229)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16229"
},
{
"name": "19350",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19350"
},
{
"name": "20040601 Firebird Database Remote Database Name Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108611386202493\u0026w=2"
},
{
"name": "6624",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6624"
},
{
"name": "20040602 Firebird [ AND Interbase 7 ] Database Remote Database Name Overflow",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0027.html"
},
{
"name": "interbase-database-name-bo(16316)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16316"
},
{
"name": "10446",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10446"
},
{
"name": "http://www.securiteam.com/unixfocus/5AP0P0UCUO.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/unixfocus/5AP0P0UCUO.html"
},
{
"name": "1010381",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1010381"
},
{
"name": "6408",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6408"
},
{
"name": "11756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11756"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2043",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:15:01.209Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1833 (GCVE-0-2004-1833)
Vulnerability from nvd – Published: 2005-05-10 04:00 – Updated: 2024-08-08 01:07
VLAI?
Summary
The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:07:48.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4381",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4381"
},
{
"name": "1009500",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1009500"
},
{
"name": "9929",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9929"
},
{
"name": "20040319 Borland Interbase admin.ib Administrative Access Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=80\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "11172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11172"
},
{
"name": "interbase-admin-gain-privileges(15546)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15546"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4381",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4381"
},
{
"name": "1009500",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1009500"
},
{
"name": "9929",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9929"
},
{
"name": "20040319 Borland Interbase admin.ib Administrative Access Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=80\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "11172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11172"
},
{
"name": "interbase-admin-gain-privileges(15546)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15546"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1833",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4381",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4381"
},
{
"name": "1009500",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1009500"
},
{
"name": "9929",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9929"
},
{
"name": "20040319 Borland Interbase admin.ib Administrative Access Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=80\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "11172",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11172"
},
{
"name": "interbase-admin-gain-privileges(15546)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15546"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1833",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:07:48.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1514 (GCVE-0-2002-1514)
Vulnerability from nvd – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:26
VLAI?
Summary
gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:26:28.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "interbase-gdslockmgr-bo(10196)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10196.php"
},
{
"name": "20020925 Borland Interbase local root exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0311.html"
},
{
"name": "5805",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5805"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a \"isc_init1.X\" temporary file, as demonstrated by modifying the xinetdbd file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-21T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "interbase-gdslockmgr-bo(10196)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10196.php"
},
{
"name": "20020925 Borland Interbase local root exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0311.html"
},
{
"name": "5805",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5805"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1514",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a \"isc_init1.X\" temporary file, as demonstrated by modifying the xinetdbd file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "interbase-gdslockmgr-bo(10196)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10196.php"
},
{
"name": "20020925 Borland Interbase local root exploit",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0311.html"
},
{
"name": "5805",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5805"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1514",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-02-23T00:00:00",
"dateUpdated": "2024-08-08T03:26:28.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0197 (GCVE-0-2003-0197)
Vulnerability from nvd – Published: 2003-04-08 04:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104940730819887\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt"
},
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104940730819887\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt"
},
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0197",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104940730819887\u0026w=2"
},
{
"name": "http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt",
"refsource": "MISC",
"url": "http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt"
},
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0197",
"datePublished": "2003-04-08T04:00:00",
"dateReserved": "2003-04-03T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0008 (GCVE-0-2001-0008)
Vulnerability from nvd – Published: 2001-05-07 04:00 – Updated: 2024-08-08 04:06
VLAI?
Summary
Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:06:54.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "interbase-backdoor-account(5911)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5911"
},
{
"name": "2192",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2192"
},
{
"name": "CA-2001-01",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2001-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "interbase-backdoor-account(5911)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5911"
},
{
"name": "2192",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2192"
},
{
"name": "CA-2001-01",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2001-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "interbase-backdoor-account(5911)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5911"
},
{
"name": "2192",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2192"
},
{
"name": "CA-2001-01",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2001-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0008",
"datePublished": "2001-05-07T04:00:00",
"dateReserved": "2001-01-10T00:00:00",
"dateUpdated": "2024-08-08T04:06:54.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}