CVE-2003-0197 - Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a l

CVE-2003-0197

Summary

Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK).

References

Vulnerable Configurations

cpe:2.3:a:borland_software:interbase:6.0:*:*:*:*:*:*:*
cpe:2.3:a:borland_software:interbase:6.0:*:*:*:*:*:*:*
cpe:2.3:a:borland_software:interbase:6.4:*:*:*:*:*:*:*
cpe:2.3:a:borland_software:interbase:6.4:*:*:*:*:*:*:*
cpe:2.3:a:borland_software:interbase:6.5:*:*:*:*:*:*:*
cpe:2.3:a:borland_software:interbase:6.5:*:*:*:*:*:*:*
cpe:2.3:a:firebirdsql:firebird:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:firebirdsql:firebird:1.0.2:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 18-10-2016 - 02:30)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bugtraq	20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow
misc	http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt
vulnwatch	20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow

Last major update

18-10-2016 - 02:30

Published

11-04-2003 - 04:00

Last modified

18-10-2016 - 02:30