Lucene search

[email protected]CVE-2007-5243

HistoryOct 06, 2007 - 5:17 p.m.

CVE-2007-5243

2007-10-0617:17:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2007-5243

buffer overflow

borland interbase

security vulnerability

remote code execution

7.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.486 Medium

EPSS

Percentile

97.5%

JSON

Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the © isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function.

CPENameOperatorVersion
borland_software:interbaseborland software interbaseeqli_8.0.0.54
borland_software:interbaseborland software interbaseeqwi-v7.5.0.129
borland_software:interbaseborland software interbaseeqwi-v6.0.1.6
borland_software:interbaseborland software interbaseeqwi-v5.1.1.680
borland_software:interbaseborland software interbaseeqwi-v8.0.0.123
borland_software:interbaseborland software interbaseeqwi-v5.5.0.742
borland_software:interbaseborland software interbaseeqwi_5.1.1.680
borland_software:interbaseborland software interbaseeqwi-v6.0.0.627
borland_software:interbaseborland software interbaseeqli_8.0.0.253
borland_software:interbaseborland software interbaseeqwi-v7.0.1.1

CPE	Name	Operator	Version
borland_software:interbase	borland software interbase	eq	li_8.0.0.54
borland_software:interbase	borland software interbase	eq	wi-v7.5.0.129
borland_software:interbase	borland software interbase	eq	wi-v6.0.1.6
borland_software:interbase	borland software interbase	eq	wi-v5.1.1.680
borland_software:interbase	borland software interbase	eq	wi-v8.0.0.123
borland_software:interbase	borland software interbase	eq	wi-v5.5.0.742
borland_software:interbase	borland software interbase	eq	wi_5.1.1.680
borland_software:interbase	borland software interbase	eq	wi-v6.0.0.627
borland_software:interbase	borland software interbase	eq	li_8.0.0.253
borland_software:interbase	borland software interbase	eq	wi-v7.0.1.1

Rows per page:

1-10 of 171

References

osvdb.org/38605

osvdb.org/38606

osvdb.org/38607

osvdb.org/38608

osvdb.org/38609

risesecurity.org/advisory/RISE-2007002/

risesecurity.org/blog/entry/3/

risesecurity.org/exploit/10/

risesecurity.org/exploit/12/

risesecurity.org/exploit/13/

risesecurity.org/exploit/14/

risesecurity.org/exploit/15/

risesecurity.org/exploit/9/

secunia.com/advisories/27058

www.securityfocus.com/bid/25917

www.securitytracker.com/id?1018772

www.vupen.com/english/advisories/2007/3381

exchange.xforce.ibmcloud.com/vulnerabilities/36956

Social References

7.7 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.486 Medium

EPSS

Percentile

97.5%

JSON

Related for CVE-2007-5243

packetstorm8 prion2 cve1