VYPR

Interbase

by Borland Software

CVEs (11)

  • CVE-2007-3566Jul 26, 2007
    risk 0.08cvss epss 0.66

    Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp.

  • CVE-2007-5244Oct 6, 2007
    risk 0.06cvss epss 0.38

    Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function.

  • CVE-2007-5243Oct 6, 2007
    risk 0.06cvss epss 0.40

    Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect…

  • CVE-2008-1910Apr 22, 2008
    risk 0.04cvss epss 0.07

    Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 SP2 allows remote attackers to execute arbitrary code via a malformed opcode 0x52 request to TCP port 3050. NOTE: this might overlap CVE-2007-5243 or CVE-2007-5244.

  • CVE-2004-2043May 1, 2004
    risk 0.04cvss epss 0.12

    Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command.

  • CVE-2001-0008Feb 12, 2001
    risk 0.04cvss epss 0.07

    Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures.

  • CVE-2002-1514Apr 2, 2003
    risk 0.03cvss epss 0.01

    gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file.

  • CVE-2002-2087Dec 31, 2002
    risk 0.03cvss epss 0.01

    Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server.

  • CVE-2008-2559Jun 5, 2008
    risk 0.00cvss epss 0.04

    Integer overflow in Borland Interbase 2007 SP2 (8.1.0.256) allows remote attackers to execute arbitrary code via a malformed packet to TCP port 3050, which triggers a stack-based buffer overflow. NOTE: this issue might be related to CVE-2008-0467.

  • CVE-2004-1833Mar 20, 2004
    risk 0.00cvss epss 0.02

    The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges.

  • CVE-2003-0197Apr 11, 2003
    risk 0.00cvss epss 0.01

    Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK).