CVE-2007-5243 – Borland Interbase - 'jrd8_create_database()' Remote Buffer Overflow

https://notcve.org/view.php?id=CVE-2007-5243

Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function. Múltiples desbordamientos de búfer basados en pila en Borland InterBase LI 8.0.0.53 hasta 8.1.0.253, y WI 5.1.1.680 hasta 8.1.0.257, permite a atacantes remotos ejecutar código de su elección mediante (1) una petición larga de anexión a servicio en el puerto TCP 3050 a las funciones (a) SVC_attach o (b) INET_connect, (2) una petición larga de creación en el puerto TCP 3050 a las funciones (c) isc_create_database o (d) jrd8_create_database, (3) una petición de anexión larga en el puerto TCP 3050 a las funciones (e) isc_attach_database o (f) PWD_db_aliased, o vectores no especificados que involucran a las funciones (4) jrd8_attach_database o (5) expand_filename2. • https://www.exploit-db.com/exploits/16843 https://www.exploit-db.com/exploits/16844 https://www.exploit-db.com/exploits/10020 https://www.exploit-db.com/exploits/16839 https://www.exploit-db.com/exploits/10021 https://www.exploit-db.com/exploits/9954 https://www.exploit-db.com/exploits/16437 https://www.exploit-db.com/exploits/16447 https://www.exploit-db.com/exploits/16449 https://www.exploit-db.com/exploits/16440 https://www.exploit-db.com/exploits/16432 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •