Lucene search

[email protected]CVE-2006-6201

HistoryDec 01, 2006 - 1:28 a.m.

CVE-2006-6201

2006-12-0101:28:00

[email protected]

web.nvd.nist.gov

cve-2006-6201

buffer overflow

borland

idsql32.dll

remote code execution

nvd

security vulnerability

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.157 Low

EPSS

Percentile

96.0%

JSON

Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by RevilloC MailServer; 5.2.0.2 as used by Borland Developer Studio 2006; and possibly other versions allows remote attackers to execute arbitrary code via a long SQL statement, related to use of the DbiQExec function.

Affected configurations

NVD

Node

borland_softwarec\+\+_builderMatch5.x

borland_softwarec\+\+_builderMatch6.x

borland_softwarec\+\+_builderMatch2006

borland_softwarec_builderMatch2006

borland_softwaredelphiMatch5.x

borland_softwaredelphiMatch6.x

borland_softwaredelphiMatch7.x

borland_softwaredelphiMatch2006

borland_softwaredeveloper_studioMatch2006

borland_softwareidsql32.dllMatch5.1.0.2

borland_softwareidsql32.dllMatch5.1.0.4

revillocmailserver

CPENameOperatorVersion
borland_software:c\+\+_builderborland software c++ buildereq5.x
borland_software:c\+\+_builderborland software c++ buildereq6.x
borland_software:c\+\+_builderborland software c++ buildereq2006
borland_software:c_builderborland software c buildereq2006
borland_software:delphiborland software delphieq5.x
borland_software:delphiborland software delphieq6.x
borland_software:delphiborland software delphieq7.x
borland_software:delphiborland software delphieq2006
borland_software:developer_studioborland software developer studioeq2006
borland_software:idsql32.dllborland software idsql32.dlleq5.1.0.2

CPE	Name	Operator	Version
borland_software:c\+\+_builder	borland software c++ builder	eq	5.x
borland_software:c\+\+_builder	borland software c++ builder	eq	6.x
borland_software:c\+\+_builder	borland software c++ builder	eq	2006
borland_software:c_builder	borland software c builder	eq	2006
borland_software:delphi	borland software delphi	eq	5.x
borland_software:delphi	borland software delphi	eq	6.x
borland_software:delphi	borland software delphi	eq	7.x
borland_software:delphi	borland software delphi	eq	2006
borland_software:developer_studio	borland software developer studio	eq	2006
borland_software:idsql32.dll	borland software idsql32.dll	eq	5.1.0.2

Rows per page:

1-10 of 121

References

secunia.com/advisories/22570

secunia.com/secunia_research/2006-70/advisory/

www.securityfocus.com/archive/1/453003/100/0/threaded

www.securityfocus.com/bid/21342

www.vupen.com/english/advisories/2006/4763

exchange.xforce.ibmcloud.com/vulnerabilities/30583

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.157 Low

EPSS

Percentile

96.0%

JSON

Related for CVE-2006-6201

cvelist1 nvd1