Search criteria
14 vulnerabilities by borland_software
CVE-2007-5244 (GCVE-0-2007-5244)
Vulnerability from cvelistv5 – Published: 2007-10-06 17:00 – Updated: 2024-08-07 15:24
VLAI?
Summary
Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:42.165Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25917",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25917"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018772"
},
{
"name": "ADV-2007-3381",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "borland-multiple-functions-bo(36956)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"name": "38610",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38610"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/11/"
},
{
"name": "27058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27058"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25917",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25917"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018772"
},
{
"name": "ADV-2007-3381",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "borland-multiple-functions-bo(36956)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"name": "38610",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38610"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/11/"
},
{
"name": "27058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27058"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5244",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25917",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25917"
},
{
"name": "http://risesecurity.org/blog/entry/3/",
"refsource": "MISC",
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018772"
},
{
"name": "ADV-2007-3381",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "borland-multiple-functions-bo(36956)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"name": "38610",
"refsource": "OSVDB",
"url": "http://osvdb.org/38610"
},
{
"name": "http://risesecurity.org/advisory/RISE-2007002/",
"refsource": "MISC",
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"name": "http://risesecurity.org/exploit/11/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/11/"
},
{
"name": "27058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27058"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5244",
"datePublished": "2007-10-06T17:00:00",
"dateReserved": "2007-10-06T00:00:00",
"dateUpdated": "2024-08-07T15:24:42.165Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5243 (GCVE-0-2007-5243)
Vulnerability from cvelistv5 – Published: 2007-10-06 17:00 – Updated: 2024-08-07 15:24
VLAI?
Summary
Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:24:42.138Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "25917",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25917"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018772"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/10/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/9/"
},
{
"name": "38607",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38607"
},
{
"name": "38609",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38609"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/13/"
},
{
"name": "ADV-2007-3381",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "38606",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38606"
},
{
"name": "borland-multiple-functions-bo(36956)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/15/"
},
{
"name": "38608",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38608"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/14/"
},
{
"name": "27058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27058"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://risesecurity.org/exploit/12/"
},
{
"name": "38605",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38605"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "25917",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25917"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018772"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/10/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/9/"
},
{
"name": "38607",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38607"
},
{
"name": "38609",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38609"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/13/"
},
{
"name": "ADV-2007-3381",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "38606",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38606"
},
{
"name": "borland-multiple-functions-bo(36956)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/15/"
},
{
"name": "38608",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38608"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/14/"
},
{
"name": "27058",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27058"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://risesecurity.org/exploit/12/"
},
{
"name": "38605",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38605"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5243",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "25917",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25917"
},
{
"name": "http://risesecurity.org/blog/entry/3/",
"refsource": "MISC",
"url": "http://risesecurity.org/blog/entry/3/"
},
{
"name": "1018772",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018772"
},
{
"name": "http://risesecurity.org/exploit/10/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/10/"
},
{
"name": "http://risesecurity.org/exploit/9/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/9/"
},
{
"name": "38607",
"refsource": "OSVDB",
"url": "http://osvdb.org/38607"
},
{
"name": "38609",
"refsource": "OSVDB",
"url": "http://osvdb.org/38609"
},
{
"name": "http://risesecurity.org/exploit/13/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/13/"
},
{
"name": "ADV-2007-3381",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3381"
},
{
"name": "38606",
"refsource": "OSVDB",
"url": "http://osvdb.org/38606"
},
{
"name": "borland-multiple-functions-bo(36956)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"name": "http://risesecurity.org/exploit/15/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/15/"
},
{
"name": "38608",
"refsource": "OSVDB",
"url": "http://osvdb.org/38608"
},
{
"name": "http://risesecurity.org/advisory/RISE-2007002/",
"refsource": "MISC",
"url": "http://risesecurity.org/advisory/RISE-2007002/"
},
{
"name": "http://risesecurity.org/exploit/14/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/14/"
},
{
"name": "27058",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27058"
},
{
"name": "http://risesecurity.org/exploit/12/",
"refsource": "MISC",
"url": "http://risesecurity.org/exploit/12/"
},
{
"name": "38605",
"refsource": "OSVDB",
"url": "http://osvdb.org/38605"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5243",
"datePublished": "2007-10-06T17:00:00",
"dateReserved": "2007-10-06T00:00:00",
"dateUpdated": "2024-08-07T15:24:42.138Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-3566 (GCVE-0-2007-3566)
Vulnerability from cvelistv5 – Published: 2007-07-26 18:00 – Updated: 2024-08-07 14:21
VLAI?
Summary
Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T14:21:36.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "interbase-create-bo(35574)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35574"
},
{
"name": "20070724 TPTI-07-13: Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/474561/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13"
},
{
"name": "26189",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26189"
},
{
"name": "25048",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/25048"
},
{
"name": "ADV-2007-2642",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2642"
},
{
"name": "2929",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/2929"
},
{
"name": "1018451",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018451"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered"
},
{
"name": "38602",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/38602"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.codegear.com/downloads/regusers/interbase"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "interbase-create-bo(35574)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35574"
},
{
"name": "20070724 TPTI-07-13: Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/474561/100/0/threaded"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13"
},
{
"name": "26189",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26189"
},
{
"name": "25048",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/25048"
},
{
"name": "ADV-2007-2642",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2642"
},
{
"name": "2929",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/2929"
},
{
"name": "1018451",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018451"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered"
},
{
"name": "38602",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/38602"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.codegear.com/downloads/regusers/interbase"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-3566",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "interbase-create-bo(35574)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/35574"
},
{
"name": "20070724 TPTI-07-13: Borland Interbase ibserver.exe Create-Request Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/474561/100/0/threaded"
},
{
"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-07-13"
},
{
"name": "26189",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26189"
},
{
"name": "25048",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/25048"
},
{
"name": "ADV-2007-2642",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2642"
},
{
"name": "2929",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/2929"
},
{
"name": "1018451",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018451"
},
{
"name": "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered"
},
{
"name": "38602",
"refsource": "OSVDB",
"url": "http://osvdb.org/38602"
},
{
"name": "http://www.codegear.com/downloads/regusers/interbase",
"refsource": "MISC",
"url": "http://www.codegear.com/downloads/regusers/interbase"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-3566",
"datePublished": "2007-07-26T18:00:00",
"dateReserved": "2007-07-05T00:00:00",
"dateUpdated": "2024-08-07T14:21:36.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-6201 (GCVE-0-2006-6201)
Vulnerability from cvelistv5 – Published: 2006-12-01 01:00 – Updated: 2024-08-07 20:19
VLAI?
Summary
Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by RevilloC MailServer; 5.2.0.2 as used by Borland Developer Studio 2006; and possibly other versions allows remote attackers to execute arbitrary code via a long SQL statement, related to use of the DbiQExec function.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T20:19:35.010Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "borland-idsql32-bo(30583)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30583"
},
{
"name": "22570",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22570"
},
{
"name": "ADV-2006-4763",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4763"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://secunia.com/secunia_research/2006-70/advisory/"
},
{
"name": "21342",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/21342"
},
{
"name": "20061129 Secunia Research: Borland Products idsql32.dll Buffer OverflowVulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/453003/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-11-29T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by RevilloC MailServer; 5.2.0.2 as used by Borland Developer Studio 2006; and possibly other versions allows remote attackers to execute arbitrary code via a long SQL statement, related to use of the DbiQExec function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-17T20:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "borland-idsql32-bo(30583)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30583"
},
{
"name": "22570",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22570"
},
{
"name": "ADV-2006-4763",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4763"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://secunia.com/secunia_research/2006-70/advisory/"
},
{
"name": "21342",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/21342"
},
{
"name": "20061129 Secunia Research: Borland Products idsql32.dll Buffer OverflowVulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/453003/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-6201",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by RevilloC MailServer; 5.2.0.2 as used by Borland Developer Studio 2006; and possibly other versions allows remote attackers to execute arbitrary code via a long SQL statement, related to use of the DbiQExec function."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "borland-idsql32-bo(30583)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/30583"
},
{
"name": "22570",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22570"
},
{
"name": "ADV-2006-4763",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4763"
},
{
"name": "http://secunia.com/secunia_research/2006-70/advisory/",
"refsource": "MISC",
"url": "http://secunia.com/secunia_research/2006-70/advisory/"
},
{
"name": "21342",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/21342"
},
{
"name": "20061129 Secunia Research: Borland Products idsql32.dll Buffer OverflowVulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/453003/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-6201",
"datePublished": "2006-12-01T01:00:00",
"dateReserved": "2006-11-30T00:00:00",
"dateUpdated": "2024-08-07T20:19:35.010Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-0634 (GCVE-0-2006-0634)
Vulnerability from cvelistv5 – Published: 2006-02-10 11:00 – Updated: 2024-08-07 16:41
VLAI?
Summary
Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition (ent_upd4) evaluates the "i>sizeof(int)" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:41:29.002Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "22953",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/22953"
},
{
"name": "20060206 [xfocus-SD-060206]BCB compiler incorrect deal sizeof operator vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/424085/100/0/threaded"
},
{
"name": "bcb-compiler-integer-overflow(24514)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24514"
},
{
"name": "1015588",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015588"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.xfocus.net/releases/200602/a849.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition (ent_upd4) evaluates the \"i\u003esizeof(int)\" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "22953",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/22953"
},
{
"name": "20060206 [xfocus-SD-060206]BCB compiler incorrect deal sizeof operator vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/424085/100/0/threaded"
},
{
"name": "bcb-compiler-integer-overflow(24514)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24514"
},
{
"name": "1015588",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015588"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.xfocus.net/releases/200602/a849.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0634",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition (ent_upd4) evaluates the \"i\u003esizeof(int)\" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "22953",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/22953"
},
{
"name": "20060206 [xfocus-SD-060206]BCB compiler incorrect deal sizeof operator vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/424085/100/0/threaded"
},
{
"name": "bcb-compiler-integer-overflow(24514)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24514"
},
{
"name": "1015588",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015588"
},
{
"name": "http://www.xfocus.net/releases/200602/a849.html",
"refsource": "MISC",
"url": "http://www.xfocus.net/releases/200602/a849.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0634",
"datePublished": "2006-02-10T11:00:00",
"dateReserved": "2006-02-10T00:00:00",
"dateUpdated": "2024-08-07T16:41:29.002Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-2087 (GCVE-0-2002-2087)
Vulnerability from cvelistv5 – Published: 2005-08-05 04:00 – Updated: 2024-09-16 22:13
VLAI?
Summary
Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:51:17.491Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20020618 Interbase 6.0 malloc() issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/06/msg00222.html"
},
{
"name": "5046",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5046"
},
{
"name": "5044",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5044"
},
{
"name": "interbase-interbase-variable-bo(9392)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/9392.php"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-08-05T04:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20020618 Interbase 6.0 malloc() issues",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/06/msg00222.html"
},
{
"name": "5046",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5046"
},
{
"name": "5044",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5044"
},
{
"name": "interbase-interbase-variable-bo(9392)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/9392.php"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-2087",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20020618 Interbase 6.0 malloc() issues",
"refsource": "BUGTRAQ",
"url": "http://cert.uni-stuttgart.de/archive/bugtraq/2002/06/msg00222.html"
},
{
"name": "5046",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5046"
},
{
"name": "5044",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5044"
},
{
"name": "interbase-interbase-variable-bo(9392)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/9392.php"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-2087",
"datePublished": "2005-08-05T04:00:00Z",
"dateReserved": "2005-08-05T00:00:00Z",
"dateUpdated": "2024-09-16T22:13:59.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2121 (GCVE-0-2004-2121)
Vulnerability from cvelistv5 – Published: 2005-05-27 04:00 – Updated: 2024-08-08 01:15
VLAI?
Summary
Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and earlier allow remote attackers to read and download arbitrary files via (1) multi-dot "......" sequences, or (2) "%5c%2e%2e" (encoded "\..") sequences, in the URL.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:15:01.639Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "9486",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9486"
},
{
"name": "1008840",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1008840"
},
{
"name": "bws-directory-traversal(14948)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14948"
},
{
"name": "20040124 BWS v1.0b3 Directory Transversal Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107497413413907\u0026w=2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and earlier allow remote attackers to read and download arbitrary files via (1) multi-dot \"......\" sequences, or (2) \"%5c%2e%2e\" (encoded \"\\..\") sequences, in the URL."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "9486",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9486"
},
{
"name": "1008840",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1008840"
},
{
"name": "bws-directory-traversal(14948)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14948"
},
{
"name": "20040124 BWS v1.0b3 Directory Transversal Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=107497413413907\u0026w=2"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2121",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and earlier allow remote attackers to read and download arbitrary files via (1) multi-dot \"......\" sequences, or (2) \"%5c%2e%2e\" (encoded \"\\..\") sequences, in the URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "9486",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9486"
},
{
"name": "1008840",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1008840"
},
{
"name": "bws-directory-traversal(14948)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14948"
},
{
"name": "20040124 BWS v1.0b3 Directory Transversal Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=107497413413907\u0026w=2"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2121",
"datePublished": "2005-05-27T04:00:00",
"dateReserved": "2005-05-27T00:00:00",
"dateUpdated": "2024-08-08T01:15:01.639Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1833 (GCVE-0-2004-1833)
Vulnerability from cvelistv5 – Published: 2005-05-10 04:00 – Updated: 2024-08-08 01:07
VLAI?
Summary
The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:07:48.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "4381",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/4381"
},
{
"name": "1009500",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1009500"
},
{
"name": "9929",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9929"
},
{
"name": "20040319 Borland Interbase admin.ib Administrative Access Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE",
"x_transferred"
],
"url": "http://www.idefense.com/application/poi/display?id=80\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "11172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11172"
},
{
"name": "interbase-admin-gain-privileges(15546)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15546"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-03-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "4381",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/4381"
},
{
"name": "1009500",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1009500"
},
{
"name": "9929",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9929"
},
{
"name": "20040319 Borland Interbase admin.ib Administrative Access Vulnerability",
"tags": [
"third-party-advisory",
"x_refsource_IDEFENSE"
],
"url": "http://www.idefense.com/application/poi/display?id=80\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "11172",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11172"
},
{
"name": "interbase-admin-gain-privileges(15546)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15546"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1833",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "4381",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/4381"
},
{
"name": "1009500",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1009500"
},
{
"name": "9929",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9929"
},
{
"name": "20040319 Borland Interbase admin.ib Administrative Access Vulnerability",
"refsource": "IDEFENSE",
"url": "http://www.idefense.com/application/poi/display?id=80\u0026type=vulnerabilities\u0026flashstatus=true"
},
{
"name": "11172",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11172"
},
{
"name": "interbase-admin-gain-privileges(15546)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15546"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1833",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:07:48.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-2043 (GCVE-0-2004-2043)
Vulnerability from cvelistv5 – Published: 2005-05-10 04:00 – Updated: 2024-08-08 01:15
VLAI?
Summary
Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:15:01.209Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "DSA-1014",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1014"
},
{
"name": "firebird-database-name-bo(16229)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16229"
},
{
"name": "19350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/19350"
},
{
"name": "20040601 Firebird Database Remote Database Name Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108611386202493\u0026w=2"
},
{
"name": "6624",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6624"
},
{
"name": "20040602 Firebird [ AND Interbase 7 ] Database Remote Database Name Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0027.html"
},
{
"name": "interbase-database-name-bo(16316)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16316"
},
{
"name": "10446",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10446"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.securiteam.com/unixfocus/5AP0P0UCUO.html"
},
{
"name": "1010381",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1010381"
},
{
"name": "6408",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6408"
},
{
"name": "11756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11756"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-01T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "DSA-1014",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1014"
},
{
"name": "firebird-database-name-bo(16229)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16229"
},
{
"name": "19350",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/19350"
},
{
"name": "20040601 Firebird Database Remote Database Name Overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108611386202493\u0026w=2"
},
{
"name": "6624",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6624"
},
{
"name": "20040602 Firebird [ AND Interbase 7 ] Database Remote Database Name Overflow",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0027.html"
},
{
"name": "interbase-database-name-bo(16316)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16316"
},
{
"name": "10446",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10446"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.securiteam.com/unixfocus/5AP0P0UCUO.html"
},
{
"name": "1010381",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1010381"
},
{
"name": "6408",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6408"
},
{
"name": "11756",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11756"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-2043",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "DSA-1014",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1014"
},
{
"name": "firebird-database-name-bo(16229)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16229"
},
{
"name": "19350",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/19350"
},
{
"name": "20040601 Firebird Database Remote Database Name Overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108611386202493\u0026w=2"
},
{
"name": "6624",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6624"
},
{
"name": "20040602 Firebird [ AND Interbase 7 ] Database Remote Database Name Overflow",
"refsource": "FULLDISC",
"url": "http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0027.html"
},
{
"name": "interbase-database-name-bo(16316)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16316"
},
{
"name": "10446",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10446"
},
{
"name": "http://www.securiteam.com/unixfocus/5AP0P0UCUO.html",
"refsource": "MISC",
"url": "http://www.securiteam.com/unixfocus/5AP0P0UCUO.html"
},
{
"name": "1010381",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1010381"
},
{
"name": "6408",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6408"
},
{
"name": "11756",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11756"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-2043",
"datePublished": "2005-05-10T04:00:00",
"dateReserved": "2005-05-04T00:00:00",
"dateUpdated": "2024-08-08T01:15:01.209Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2002-1514 (GCVE-0-2002-1514)
Vulnerability from cvelistv5 – Published: 2004-09-01 04:00 – Updated: 2024-08-08 03:26
VLAI?
Summary
gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:26:28.923Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "interbase-gdslockmgr-bo(10196)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "http://www.iss.net/security_center/static/10196.php"
},
{
"name": "20020925 Borland Interbase local root exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0311.html"
},
{
"name": "5805",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/5805"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-09-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a \"isc_init1.X\" temporary file, as demonstrated by modifying the xinetdbd file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2003-03-21T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "interbase-gdslockmgr-bo(10196)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "http://www.iss.net/security_center/static/10196.php"
},
{
"name": "20020925 Borland Interbase local root exploit",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0311.html"
},
{
"name": "5805",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/5805"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1514",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a \"isc_init1.X\" temporary file, as demonstrated by modifying the xinetdbd file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "interbase-gdslockmgr-bo(10196)",
"refsource": "XF",
"url": "http://www.iss.net/security_center/static/10196.php"
},
{
"name": "20020925 Borland Interbase local root exploit",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-09/0311.html"
},
{
"name": "5805",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/5805"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1514",
"datePublished": "2004-09-01T04:00:00",
"dateReserved": "2003-02-23T00:00:00",
"dateUpdated": "2024-08-08T03:26:28.923Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-0204 (GCVE-0-2004-0204)
Vulnerability from cvelistv5 – Published: 2004-06-11 04:00 – Updated: 2024-08-08 00:10
VLAI?
Summary
Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows remote attackers to read and delete arbitrary files via ".." sequences in the dynamicimag argument to crystalimagehandler.aspx.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:10:03.760Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20040502 Crystal Reports Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108360413811017\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.businessobjects.com/fix/hot/critical/bulletins/security_bulletin_june04.asp"
},
{
"name": "11800",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/11800"
},
{
"name": "20040608 Vulnerability: Arbitrary File Access \u0026 DoS in Crystal Reports",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108671836127360\u0026w=2"
},
{
"name": "crystalreports-file-deletion(16044)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16044"
},
{
"name": "6748",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/6748"
},
{
"name": "10260",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/10260"
},
{
"name": "oval:org.mitre.oval:def:1157",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1157"
},
{
"name": "MS04-017",
"tags": [
"vendor-advisory",
"x_refsource_MS",
"x_transferred"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-017"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-06-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows remote attackers to read and delete arbitrary files via \"..\" sequences in the dynamicimag argument to crystalimagehandler.aspx."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20040502 Crystal Reports Vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108360413811017\u0026w=2"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.businessobjects.com/fix/hot/critical/bulletins/security_bulletin_june04.asp"
},
{
"name": "11800",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/11800"
},
{
"name": "20040608 Vulnerability: Arbitrary File Access \u0026 DoS in Crystal Reports",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=108671836127360\u0026w=2"
},
{
"name": "crystalreports-file-deletion(16044)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16044"
},
{
"name": "6748",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/6748"
},
{
"name": "10260",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/10260"
},
{
"name": "oval:org.mitre.oval:def:1157",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1157"
},
{
"name": "MS04-017",
"tags": [
"vendor-advisory",
"x_refsource_MS"
],
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-017"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-0204",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows remote attackers to read and delete arbitrary files via \"..\" sequences in the dynamicimag argument to crystalimagehandler.aspx."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20040502 Crystal Reports Vulnerabilities",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108360413811017\u0026w=2"
},
{
"name": "http://support.businessobjects.com/fix/hot/critical/bulletins/security_bulletin_june04.asp",
"refsource": "CONFIRM",
"url": "http://support.businessobjects.com/fix/hot/critical/bulletins/security_bulletin_june04.asp"
},
{
"name": "11800",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/11800"
},
{
"name": "20040608 Vulnerability: Arbitrary File Access \u0026 DoS in Crystal Reports",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=108671836127360\u0026w=2"
},
{
"name": "crystalreports-file-deletion(16044)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16044"
},
{
"name": "6748",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/6748"
},
{
"name": "10260",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/10260"
},
{
"name": "oval:org.mitre.oval:def:1157",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1157"
},
{
"name": "MS04-017",
"refsource": "MS",
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-017"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-0204",
"datePublished": "2004-06-11T04:00:00",
"dateReserved": "2004-03-11T00:00:00",
"dateUpdated": "2024-08-08T00:10:03.760Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2003-0197 (GCVE-0-2003-0197)
Vulnerability from cvelistv5 – Published: 2003-04-08 04:00 – Updated: 2024-08-08 01:43
VLAI?
Summary
Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK).
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:43:36.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104940730819887\u0026w=2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt"
},
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0003.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2003-04-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2016-10-17T13:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://marc.info/?l=bugtraq\u0026m=104940730819887\u0026w=2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt"
},
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"tags": [
"mailing-list",
"x_refsource_VULNWATCH"
],
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0003.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2003-0197",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"refsource": "BUGTRAQ",
"url": "http://marc.info/?l=bugtraq\u0026m=104940730819887\u0026w=2"
},
{
"name": "http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt",
"refsource": "MISC",
"url": "http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt"
},
{
"name": "20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow",
"refsource": "VULNWATCH",
"url": "http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0003.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2003-0197",
"datePublished": "2003-04-08T04:00:00",
"dateReserved": "2003-04-03T00:00:00",
"dateUpdated": "2024-08-08T01:43:36.151Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2001-0008 (GCVE-0-2001-0008)
Vulnerability from cvelistv5 – Published: 2001-05-07 04:00 – Updated: 2024-08-08 04:06
VLAI?
Summary
Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T04:06:54.604Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "interbase-backdoor-account(5911)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5911"
},
{
"name": "2192",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/2192"
},
{
"name": "CA-2001-01",
"tags": [
"third-party-advisory",
"x_refsource_CERT",
"x_transferred"
],
"url": "http://www.cert.org/advisories/CA-2001-01.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2001-01-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2005-11-02T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "interbase-backdoor-account(5911)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5911"
},
{
"name": "2192",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/2192"
},
{
"name": "CA-2001-01",
"tags": [
"third-party-advisory",
"x_refsource_CERT"
],
"url": "http://www.cert.org/advisories/CA-2001-01.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2001-0008",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "interbase-backdoor-account(5911)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5911"
},
{
"name": "2192",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/2192"
},
{
"name": "CA-2001-01",
"refsource": "CERT",
"url": "http://www.cert.org/advisories/CA-2001-01.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2001-0008",
"datePublished": "2001-05-07T04:00:00",
"dateReserved": "2001-01-10T00:00:00",
"dateUpdated": "2024-08-08T04:06:54.604Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2000-0866 (GCVE-0-2000-0866)
Vulnerability from cvelistv5 – Published: 2000-10-18 04:00 – Updated: 2024-08-08 05:37
VLAI?
Summary
Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T05:37:31.467Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20000907 SEGFAULTING Interbase 6 SS Linux",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0027.html"
},
{
"name": "1654",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/1654"
},
{
"name": "interbase-query-dos(5205)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2000-09-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-18T21:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20000907 SEGFAULTING Interbase 6 SS Linux",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0027.html"
},
{
"name": "1654",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/1654"
},
{
"name": "interbase-query-dos(5205)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5205"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2000-0866",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20000907 SEGFAULTING Interbase 6 SS Linux",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2000-09/0027.html"
},
{
"name": "1654",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/1654"
},
{
"name": "interbase-query-dos(5205)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/5205"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2000-0866",
"datePublished": "2000-10-18T04:00:00",
"dateReserved": "2000-10-18T00:00:00",
"dateUpdated": "2024-08-08T05:37:31.467Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}