Directory traversal

Directory traversal vulnerability in OpenBase 10.0.5 and earlier allows remote authenticated users to create files with arbitrary contents via a .. dot dot in the first argument to the GlobalLog stored procedure. NOTE: this can be leveraged to execute arbitrary code using CVE-2007-5926...

CVE-2007-5927

Directory traversal vulnerability in OpenBase 10.0.5 and earlier allows remote authenticated users to create files with arbitrary contents via a .. dot dot in the first argument to the GlobalLog stored procedure. NOTE: this can be leveraged to execute arbitrary code using CVE-2007-5926...

CVE-2007-5929

Buffer overflow in OpenBase 10.0.5 and earlier might allow remote authenticated users to execute arbitrary code or cause a denial of service daemon crash by creating a stored procedure with a long name and invoking this procedure, which triggers heap corruption...

Buffer overflow

OpenBase 10.0.5 and earlier allows remote authenticated users to trigger a free of an arbitrary memory location via long strings in a SELECT statement. NOTE: this might be a buffer overflow, but it is not clear...

Code injection

OpenBase 10.0.5 and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in arguments to the 1 AsciiBackup, 2 OEMLicenseInstall, and possibly other stored procedures...

CVE-2007-5926

CVE-2007-5926 and CVE-2007-5927 describe vulnerabilities in OpenBase 10.0.5 and earlier. The issues allow remote authenticated users to (1) execute arbitrary commands by passing shell metacharacters to stored procedures such as AsciiBackup and OEMLicenseInstall, and (2) perform directory traversa...

CVE-2007-5929

Buffer overflow in OpenBase 10.0.5 and earlier might allow remote authenticated users to execute arbitrary code or cause a denial of service daemon crash by creating a stored procedure with a long name and invoking this procedure, which triggers heap corruption...

CVE-2007-5927

Directory traversal vulnerability in OpenBase 10.0.5 and earlier allows remote authenticated users to create files with arbitrary contents via a .. dot dot in the first argument to the GlobalLog stored procedure. NOTE: this can be leveraged to execute arbitrary code using CVE-2007-5926...

CVE-2007-5928

OpenBase 10.0.5 and earlier is affected. Remote authenticated users can trigger a free of an arbitrary memory location by supplying long strings in a SELECT statement. The root cause is unclear, with indications it may be a buffer overflow. Affected product/version: OpenBase

CVE-2007-5927

Directory traversal vulnerability in OpenBase 10.0.5 and earlier allows remote authenticated users to create files with arbitrary contents via a .. dot dot in the first argument to the GlobalLog stored procedure. NOTE: this can be leveraged to execute arbitrary code using CVE-2007-5926...

CVE-2007-5926

OpenBase 10.0.5 and earlier allows remote authenticated users to execute arbitrary commands via shell metacharacters in arguments to the 1 AsciiBackup, 2 OEMLicenseInstall, and possibly other stored procedures...

CVE-2007-5929

CVE-2007-5929 describes a buffer overflow in OpenBase

CVE-2007-5928

OpenBase 10.0.5 and earlier allows remote authenticated users to trigger a free of an arbitrary memory location via long strings in a SELECT statement. NOTE: this might be a buffer overflow, but it is not clear...

CVE-2007-5927

CVE-2007-5927 (OpenBase) affects OpenBase 10.0.5 and earlier. A directory traversal issue in the GlobalLog stored procedure allows remote authenticated users to create files with arbitrary contents by supplying a leading .. sequence as the first argument. The issue is noted to be exploitable in c...

CVE-2007-5928

OpenBase 10.0.5 and earlier allows remote authenticated users to trigger a free of an arbitrary memory location via long strings in a SELECT statement. NOTE: this might be a buffer overflow, but it is not clear...

PT-2007-6860 · Openbase · Openbase

Name of the Vulnerable Software and Affected Versions: OpenBase versions 10.0.5 and earlier Description: The issue allows remote authenticated users to create files with arbitrary contents by utilizing a .. dot dot in the first argument to the GlobalLog stored procedure, potentially leading to th...

PT-2007-6861 · Openbase · Openbase

Name of the Vulnerable Software and Affected Versions: OpenBase versions 10.0.5 and earlier Description: The issue allows remote authenticated users to trigger a free of an arbitrary memory location via long strings in a SELECT statement. It is unclear if this is a buffer overflow. Recommendation...

PT-2007-6859 · Openbase · Openbase

Name of the Vulnerable Software and Affected Versions: OpenBase versions 10.0.5 and earlier Description: The issue allows remote authenticated users to execute arbitrary commands via shell metacharacters in arguments to certain stored procedures, including 1 AsciiBackup and 2 OEMLicenseInstall, a...

OpenBase 10.0.x - Remote Buffer Overflow / Remote Command Execution

source: https://www.securityfocus.com/bid/26347/info OpenBase is prone to a buffer-overflow vulnerability and multiple remote command-execution vulnerabilities. An attacker could exploit these issues to execute arbitrary code or commands with superuser privileges. Successfully exploiting these...

OpenBase 10.0.x - Remote Buffer Overflow Remote Command Execution

OpenBase 10.0.x - Remote Buffer Overflow Remote Command Execution source: https://www.securityfocus.com/bid/26347/info OpenBase is prone to a buffer-overflow vulnerability and multiple remote command-execution vulnerabilities. An attacker could exploit these issues to execute arbitrary code or...