Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-5244 β€” Improper Restriction of Operations within the Bounds of a Memory Buffer in Software Interbase

CWE-119 β€” Improper Restriction of Operations within the Bounds of a Memory Buffer5 documents4 sources
Severity
9.3CRITICALNVD
EPSS
77.6%
top 1.01%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Borland Software Interbase
Timeline
PublishedOct 6
Latest updateMay 1

Description

Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

β–ΆNVDborland_software/interbaseli_8.0.0.253, li_8.0.0.53, li_8.0.0.54+2

πŸ”΄Vulnerability Details

2
GHSA
GHSA-9q4h-3qxr-p642: Stack-based buffer overflow in Borland InterBase LI 8β†—2022-05-01
β–Ά
CVEList
CVE-2007-5244: Stack-based buffer overflow in Borland InterBase LI 8β†—2007-10-06
β–Ά

πŸ’₯Exploits & PoCs

2
Exploit-DB
Borland Interbase - 'open_marker_file()' Remote Buffer Overflow (Metasploit)β†—2010-07-03
β–Ά
Exploit-DB
Borland Interbase 2007/2007 SP2 - 'open_marker_file' Remote Buffer Overflow (Metasploit)β†—2007-10-03
β–Ά
CVE-2007-5244 β€” Software Interbase vulnerability | cvebase