ID CVE-2006-0634
Summary Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition (ent_upd4) evaluates the "i>sizeof(int)" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers.
References
Vulnerable Configurations
  • cpe:2.3:a:borland_software:c\+\+_builder:6:enterprise_update_4:*:*:*:*:*:*
    cpe:2.3:a:borland_software:c\+\+_builder:6:enterprise_update_4:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 19-10-2018 - 15:45)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bugtraq 20060206 [xfocus-SD-060206]BCB compiler incorrect deal sizeof operator vulnerability
misc http://www.xfocus.net/releases/200602/a849.html
osvdb 22953
sectrack 1015588
xf bcb-compiler-integer-overflow(24514)
Last major update 19-10-2018 - 15:45
Published 10-02-2006 - 11:02
Last modified 19-10-2018 - 15:45
Back to Top