Borland Software
Products
16- 11 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
20| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2004-0204 | 0.09 | — | 0.73 | Aug 6, 2004 | Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows… | |||
| CVE-2007-3566 | 0.08 | — | 0.66 | Jul 26, 2007 | Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp. | |||
| CVE-2007-5243 | 0.06 | — | 0.40 | Oct 6, 2007 | Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect… | |||
| CVE-2007-5244 | 0.06 | — | 0.38 | Oct 6, 2007 | Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function. | |||
| CVE-2008-0311 | 0.05 | — | 0.31 | Apr 6, 2008 | Stack-based buffer overflow in the PGMWebHandler::parse_request function in the StarTeam Multicast Service component (STMulticastService) 6.4 in Borland CaliberRM 2006 allows remote attackers to execute arbitrary code via a large HTTP request. | |||
| CVE-2008-7126 | 0.04 | — | 0.10 | Aug 31, 2009 | Integer overflow in osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet with a large string length value to UDP port 14000, which triggers a… | |||
| CVE-2008-1910 | 0.04 | — | 0.07 | Apr 22, 2008 | Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 SP2 allows remote attackers to execute arbitrary code via a malformed opcode 0x52 request to TCP port 3050. NOTE: this might overlap CVE-2007-5243 or CVE-2007-5244. | |||
| CVE-2004-2043 | 0.04 | — | 0.12 | May 1, 2004 | Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command. | |||
| CVE-2001-0008 | 0.04 | — | 0.07 | Feb 12, 2001 | Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures. | |||
| CVE-2004-2121 | 0.03 | — | 0.03 | Dec 31, 2004 | Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and earlier allow remote attackers to read and download arbitrary files via (1) multi-dot "......" sequences, or (2) "%5c%2e%2e" (encoded "\..") sequences, in the URL. | |||
| CVE-2002-1514 | 0.03 | — | 0.01 | Apr 2, 2003 | gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file. | |||
| CVE-2002-2087 | 0.03 | — | 0.01 | Dec 31, 2002 | Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server. | |||
| CVE-2015-6946 | 0.02 | — | 0.20 | Sep 15, 2015 | Multiple stack-based buffer overflows in the Reprise License Manager service in Borland AccuRev allow remote attackers to execute arbitrary code via the (1) akey or (2) actserver parameter to the activate_doit function or (3) licfile parameter to the service_startup_doit… | |||
| CVE-2008-7127 | 0.00 | — | 0.02 | Aug 31, 2009 | osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet with a large string length value to UDP port 14000, which triggers a memory allocation failure that is not properly handled. | |||
| CVE-2008-2559 | 0.00 | — | 0.04 | Jun 5, 2008 | Integer overflow in Borland Interbase 2007 SP2 (8.1.0.256) allows remote attackers to execute arbitrary code via a malformed packet to TCP port 3050, which triggers a stack-based buffer overflow. NOTE: this issue might be related to CVE-2008-0467. | |||
| CVE-2006-6201 | 0.00 | — | 0.03 | Dec 1, 2006 | Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by RevilloC MailServer; 5.2.0.2 as used by Borland Developer Studio 2006; and possibly other versions allows remote attackers to execute arbitrary code via a long SQL statement, related to use of the DbiQExec… | |||
| CVE-2006-0634 | 0.00 | — | 0.00 | Feb 10, 2006 | Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition (ent_upd4) evaluates the "i>sizeof(int)" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers. | |||
| CVE-2004-1833 | 0.00 | — | 0.02 | Mar 20, 2004 | The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges. | |||
| CVE-2003-0197 | 0.00 | — | 0.01 | Apr 11, 2003 | Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK). | |||
| CVE-2000-0866 | 0.00 | — | 0.00 | Nov 14, 2000 | Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes. |
- CVE-2004-0204Aug 6, 2004risk 0.09cvss —epss 0.73
Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows…
- CVE-2007-3566Jul 26, 2007risk 0.08cvss —epss 0.66
Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp.
- CVE-2007-5243Oct 6, 2007risk 0.06cvss —epss 0.40
Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect…
- CVE-2007-5244Oct 6, 2007risk 0.06cvss —epss 0.38
Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function.
- CVE-2008-0311Apr 6, 2008risk 0.05cvss —epss 0.31
Stack-based buffer overflow in the PGMWebHandler::parse_request function in the StarTeam Multicast Service component (STMulticastService) 6.4 in Borland CaliberRM 2006 allows remote attackers to execute arbitrary code via a large HTTP request.
- CVE-2008-7126Aug 31, 2009risk 0.04cvss —epss 0.10
Integer overflow in osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet with a large string length value to UDP port 14000, which triggers a…
- CVE-2008-1910Apr 22, 2008risk 0.04cvss —epss 0.07
Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 SP2 allows remote attackers to execute arbitrary code via a malformed opcode 0x52 request to TCP port 3050. NOTE: this might overlap CVE-2007-5243 or CVE-2007-5244.
- CVE-2004-2043May 1, 2004risk 0.04cvss —epss 0.12
Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command.
- CVE-2001-0008Feb 12, 2001risk 0.04cvss —epss 0.07
Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures.
- CVE-2004-2121Dec 31, 2004risk 0.03cvss —epss 0.03
Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and earlier allow remote attackers to read and download arbitrary files via (1) multi-dot "......" sequences, or (2) "%5c%2e%2e" (encoded "\..") sequences, in the URL.
- CVE-2002-1514Apr 2, 2003risk 0.03cvss —epss 0.01
gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file.
- CVE-2002-2087Dec 31, 2002risk 0.03cvss —epss 0.01
Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server.
- CVE-2015-6946Sep 15, 2015risk 0.02cvss —epss 0.20
Multiple stack-based buffer overflows in the Reprise License Manager service in Borland AccuRev allow remote attackers to execute arbitrary code via the (1) akey or (2) actserver parameter to the activate_doit function or (3) licfile parameter to the service_startup_doit…
- CVE-2008-7127Aug 31, 2009risk 0.00cvss —epss 0.02
osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet with a large string length value to UDP port 14000, which triggers a memory allocation failure that is not properly handled.
- CVE-2008-2559Jun 5, 2008risk 0.00cvss —epss 0.04
Integer overflow in Borland Interbase 2007 SP2 (8.1.0.256) allows remote attackers to execute arbitrary code via a malformed packet to TCP port 3050, which triggers a stack-based buffer overflow. NOTE: this issue might be related to CVE-2008-0467.
- CVE-2006-6201Dec 1, 2006risk 0.00cvss —epss 0.03
Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by RevilloC MailServer; 5.2.0.2 as used by Borland Developer Studio 2006; and possibly other versions allows remote attackers to execute arbitrary code via a long SQL statement, related to use of the DbiQExec…
- CVE-2006-0634Feb 10, 2006risk 0.00cvss —epss 0.00
Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition (ent_upd4) evaluates the "i>sizeof(int)" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.
- CVE-2004-1833Mar 20, 2004risk 0.00cvss —epss 0.02
The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges.
- CVE-2003-0197Apr 11, 2003risk 0.00cvss —epss 0.01
Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK).
- CVE-2000-0866Nov 14, 2000risk 0.00cvss —epss 0.00
Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes.