Vulnerabilities > CVE-2003-0197 - Local Security vulnerability in Interbase

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

borland-software

firebirdsql

NVD

Published: 2003-04-11

Updated: 2016-10-18

Summary

Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK).

Vulnerable Configurations

Part	Description	Count
Application	Borland_Software Borland Software Interbase 6.0 Borland Software Interbase 6.4 Borland Software Interbase 6.5	3
Application	Firebirdsql Firebirdsql Firebird 1.0.2	1

References

http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0003.html
http://marc.info/?l=bugtraq&m=104940730819887&w=2
http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt