彙總 borland_software 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
常見弱點模式包括 緩衝區溢位、路徑處理缺陷、拒絕服務與SQL 注入,在 生產負載與軟體部署 使用場景中可能帶來 應用程式崩潰與記憶體損壞 等風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2007-5244 | Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function. | [email protected] | 9.3 | 37.50% | 2007-10-06 | 2026-06-16 |
| CVE-2007-5243 | Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, | [email protected] | 9.3 | 40.06% | 2007-10-06 | 2026-06-16 |
| CVE-2007-3566 | Stack-based buffer overflow in the database service (ibserver.exe) in Borland InterBase 2007 before SP2 allows remote attackers to execute arbitrary code via a long size value in a create request to port 3050/tcp. | [email protected] | 7.5 | 66.08% | 2007-07-26 | 2026-06-16 |
| CVE-2006-6201 | Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by RevilloC MailServer; 5.2.0.2 as used by Borland Developer Studio 2006; and possibly other versions allows remote attackers to execute arbitrary code via a long SQL statement, related to use of the DbiQExec function. | [email protected] | 7.5 | 3.37% | 2006-11-30 | 2026-06-16 |
| CVE-2006-0634 | Borland C++Builder 6 (BCB6) with Update Pack 4 Enterprise edition (ent_upd4) evaluates the "i>sizeof(int)" expression to false when i equals -1, which might introduce integer overflow vulnerabilities into applications that could be exploited by context-dependent attackers. | [email protected] | 4.6 | 0.40% | 2006-02-10 | 2026-06-16 |
| CVE-2004-2121 | Multiple directory traversal vulnerabilities in Borland Web Server (BWS) 1.0b3 and earlier allow remote attackers to read and download arbitrary files via (1) multi-dot "......" sequences, or (2) "%5c%2e%2e" (encoded "\..") sequences, in the URL. | [email protected] | 5.0 | 3.05% | 2004-12-31 | 2026-06-16 |
| CVE-2004-0204 | Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows remote attackers to read and delete arbitrary files via ".." sequences in the dynamicimag argument to crystalimagehandler.aspx. | [email protected] | 7.5 | 72.99% | 2004-08-06 | 2026-06-16 |
| CVE-2004-2043 | Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command. | [email protected] | 5.0 | 11.87% | 2004-05-01 | 2026-06-16 |
| CVE-2004-1833 | The admin.ib file in Borland Interbase 7.1 for Linux has default world writable permissions, which allows local users to gain database administrative privileges. | [email protected] | 7.5 | 2.15% | 2004-03-20 | 2026-06-16 |
| CVE-2003-0197 | Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK). | [email protected] | 7.2 | 0.54% | 2003-04-11 | 2026-06-16 |
| CVE-2002-1514 | gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file. | [email protected] | 7.2 | 0.84% | 2003-04-02 | 2026-06-16 |
| CVE-2002-2087 | Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server. | [email protected] | 4.6 | 1.22% | 2002-12-31 | 2026-06-16 |
| CVE-2001-0008 | Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures. | [email protected] | 10.0 | 7.02% | 2001-02-12 | 2026-06-16 |
| CVE-2000-0866 | Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes. | [email protected] | 2.1 | 0.41% | 2000-11-14 | 2026-06-16 |