CVE-2007-1511
published 2007-03-20CVE-2007-1511: Buffer overflow in FrontBase Relational Database Server 4.2.7 and earlier allows remote authenticated users, with privileges for creating a stored procedure…
PriorityP337high7.1CVSS 2.0
AVNACHAuSCCICAC
EXPLOIT
EPSS
5.44%
91.7th percentile
Buffer overflow in FrontBase Relational Database Server 4.2.7 and earlier allows remote authenticated users, with privileges for creating a stored procedure, to execute arbitrary code via a CREATE PROCEDURE request with a long procedure name.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| frontbase | relational_database_server | <= 4.2.7 | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Frontbase 4.2.7 - (Authenticated) Remote Buffer Overflow (2.2)
exploitdb·2007-04-02
CVE-2007-1511 Frontbase 4.2.7 - (Authenticated) Remote Buffer Overflow (2.2)
Frontbase 4.2.7 - (Authenticated) Remote Buffer Overflow (2.2)
---
/* Dreatica-FXP crew
*
* ----------------------------------------
* Target : Frontbase )
* 4. Dreatica-FXP crew ( )
* ----------------------------------------
* This was written for educational purpose only. Use it at your own risk. Author will be not be
* responsible for any damage, caused by that code.
*/
#include
#include
#include
#include
#include
#pragma comment(lib,"ws2_32")
#include "FBCAccess/FBCAccess.h"
void usage(char * s);
void logo();
void prepare_shellcode(unsigned char * fsh, int sh, char * url);
void make_buffer(char * buf, int itarget, int sh, char * url);
int validate_args( int port, int sh, int itarget);
int send_buffer(char * host, int port, char * user, char * password, char * dbpassword, char * da
Exploit-DB
Frontbase 4.2.7 (Windows) - Remote Buffer Overflow
exploitdb·2007-03-25
CVE-2007-1511 Frontbase 4.2.7 (Windows) - Remote Buffer Overflow
Frontbase 4.2.7 (Windows) - Remote Buffer Overflow
---
/* Dreatica-FXP crew
*
* ----------------------------------------
* Target : Frontbase
#include
#include
#include
#pragma comment(lib,"ws2_32")
#include "FBCAccess/FBCAccess.h"
void usage(char * s);
void logo();
void prepare_shellcode(unsigned char * fsh, int sh);
void make_buffer(char * buf, int itarget, int sh);
int validate_args( int port, int sh, int itarget);
int send_buffer(char * host, int port, char * user, char * password, char * dbpassword, char * database, char * buf);
// -----------------------------------------------------------------
// XGetopt.cpp Version 1.2
// -----------------------------------------------------------------
int getopt(int argc, char *argv[], char *optstring);
char *optarg; // global argument point
No writeups or analysis indexed.
http://osvdb.org/34282http://secunia.com/advisories/24555http://securityreason.com/securityalert/2470http://www.securityfocus.com/archive/1/463042/100/0/threadehttp://www.securityfocus.com/bid/23007http://www.vupen.com/english/advisories/2007/0999http://osvdb.org/34282http://secunia.com/advisories/24555http://securityreason.com/securityalert/2470http://www.securityfocus.com/archive/1/463042/100/0/threadehttp://www.securityfocus.com/bid/23007http://www.vupen.com/english/advisories/2007/0999
2007-03-20
Published