CVE-2007-5244 – Borland Interbase 2007/2007 SP2 - 'open_marker_file' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-5244
Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function.
• https://www.exploit-db.com/exploits/10019
• https://www.exploit-db.com/exploits/16840
• http://osvdb.org/38610
• http://risesecurity.org/advisory/RISE-2007002
• http://risesecurity.org/blog/entry/3
• http://risesecurity.org/exploit/11
• http://secunia.com/advisories/27058
• http://www.securityfocus.com/bid/25917
• http://www.securitytracker.com/id?1018772
• http://www.vupen.com/english/advisories/2007/3381
• https://exchange.xforce.ibmcloud.com/vulnerabilities/36956
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-5243 – Borland Interbase - 'jrd8_create_database()' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-5243
Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function.
• https://www.exploit-db.com/exploits/16843
• https://www.exploit-db.com/exploits/16844
• https://www.exploit-db.com/exploits/10020
• https://www.exploit-db.com/exploits/16839
• https://www.exploit-db.com/exploits/10021
• https://www.exploit-db.com/exploits/9954
• https://www.exploit-db.com/exploits/16437
• https://www.exploit-db.com/exploits/16447
• https://www.exploit-db.com/exploits/16449
• https://www.exploit-db.com/exploits/16440
• https://www.exploit-db.com/exploits/16432
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2007-3566 – Borland Interbase - 'Create-Request' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-3566
Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp.
• https://www.exploit-db.com/exploits/16453
• http://dvlabs.tippingpoint.com/advisory/TPTI-07-13
• http://dvlabs.tippingpoint.com/blog/2007/07/24/step-by-step-of-how-tpti-07-013-was-discovered
• http://osvdb.org/38602
• http://secunia.com/advisories/26189
• http://securityreason.com/securityalert/2929
• http://www.codegear.com/downloads/regusers/interbase
• http://www.securityfocus.com/archive/1/474561/100/0/threaded
• http://www.securityfocus.com/bid/25048
• http://www.securitytracker.com/id&
CVE-2006-6201
https://notcve.org/view.php?id=CVE-2006-6201
Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by RevilloC MailServer; 5.2.0.2 as used by Borland Developer Studio 2006; and possibly other versions allows remote attackers to execute arbitrary code via a long SQL statement, related to use of the DbiQExec function.
• http://secunia.com/advisories/22570
• http://secunia.com/secunia_research/2006-70/advisory
• http://www.securityfocus.com/archive/1/453003/100/0/threaded
• http://www.securityfocus.com/bid/21342
• http://www.vupen.com/english/advisories/2006/4763
• https://exchange.xforce.ibmcloud.com/vulnerabilities/30583
CVE-2006-0634
https://notcve.org/view.php?id=CVE-2006-0634
Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition (ent_upd4) evaluates the "i>sizeof(int)" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.
• http://securitytracker.com/id?1015588
• http://www.osvdb.org/22953
• http://www.securityfocus.com/archive/1/424085/100/0/threaded
• http://www.xfocus.net/releases/200602/a849.html
• https://exchange.xforce.ibmcloud.com/vulnerabilities/24514