{"id": "KLA10092", "type": "kaspersky", "bulletinFamily": "info", "title": "KLA10092 LPE vulnerability in Borland Interbase", "description": "### *Detect date*:\n04/11/2003\n\n### *Severity*:\nHigh\n\n### *Description*:\nA buffer overflow was found in Borland Interbase. By exploiting this vulnerability malicious users can gain privileges. This vulnerability can be exploited locally at a point related to gds_lock_mgr via specially designed environment variables.\n\n### *Affected products*:\nBorland Interbase Database 6 all versions\n\n### *Solution*:\nUpdate to latest version\n\n### *Impacts*:\nPE \n\n### *Related products*:\n[Borland Interbase](<https://threats.kaspersky.com/en/product/Borland-Interbase/>)\n\n### *CVE-IDS*:\n[CVE-2003-0197](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0197>)7.2High", "published": "2003-04-11T00:00:00", "modified": "2020-06-03T00:00:00", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://threats.kaspersky.com/en/vulnerability/KLA10092/", "reporter": "Kaspersky Lab", "references": ["https://threats.kaspersky.com/en/product/Borland-Interbase/", "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0197", "https://statistics.securelist.com/vulnerability-scan/month"], "cvelist": ["CVE-2003-0197"], "immutableFields": [], "lastseen": "2021-08-18T11:34:14", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2003-0197"]}], "rev": 4}, "score": {"value": 6.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2003-0197"]}]}, "exploitation": null, "vulnersScore": 6.3}, "_state": {"dependencies": 1647589307, "score": 0}}

{"cve": [{"lastseen": "2022-03-23T11:33:05", "description": "Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK).", "cvss3": {}, "published": "2003-04-11T04:00:00", "type": "cve", "title": "CVE-2003-0197", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0197"], "modified": "2016-10-18T02:30:00", "cpe": ["cpe:/a:borland_software:interbase:6.0", "cpe:/a:borland_software:interbase:6.5", "cpe:/a:borland_software:interbase:6.4", "cpe:/a:firebirdsql:firebird:1.0.2"], "id": "CVE-2003-0197", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0197", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:firebirdsql:firebird:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:borland_software:interbase:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:borland_software:interbase:6.5:*:*:*:*:*:*:*", "cpe:2.3:a:borland_software:interbase:6.4:*:*:*:*:*:*:*"]}]}