ghsa-cm4p-rvrm-3xfj
Vulnerability from github
Published
2022-05-01 18:31
Modified
2025-04-09 03:46
VLAI Severity ?
Details
Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function.
{
"affected": [],
"aliases": [
"CVE-2007-5243"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2007-10-06T17:17:00Z",
"severity": "HIGH"
},
"details": "Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function.",
"id": "GHSA-cm4p-rvrm-3xfj",
"modified": "2025-04-09T03:46:58Z",
"published": "2022-05-01T18:31:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2007-5243"
},
{
"type": "WEB",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/36956"
},
{
"type": "WEB",
"url": "http://osvdb.org/38605"
},
{
"type": "WEB",
"url": "http://osvdb.org/38606"
},
{
"type": "WEB",
"url": "http://osvdb.org/38607"
},
{
"type": "WEB",
"url": "http://osvdb.org/38608"
},
{
"type": "WEB",
"url": "http://osvdb.org/38609"
},
{
"type": "WEB",
"url": "http://risesecurity.org/advisory/RISE-2007002"
},
{
"type": "WEB",
"url": "http://risesecurity.org/blog/entry/3"
},
{
"type": "WEB",
"url": "http://risesecurity.org/exploit/10"
},
{
"type": "WEB",
"url": "http://risesecurity.org/exploit/12"
},
{
"type": "WEB",
"url": "http://risesecurity.org/exploit/13"
},
{
"type": "WEB",
"url": "http://risesecurity.org/exploit/14"
},
{
"type": "WEB",
"url": "http://risesecurity.org/exploit/15"
},
{
"type": "WEB",
"url": "http://risesecurity.org/exploit/9"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/27058"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/25917"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id?1018772"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2007/3381"
}
],
"schema_version": "1.4.0",
"severity": []
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…