Vulnerability Details CVE-2006-6201
Heap-based buffer overflow in Borland idsql32.dll 5.1.0.4, as used by RevilloC MailServer; 5.2.0.2, as used by Borland Developer Studio 2006; and possibly other versions, allows remote attackers to execute arbitrary code via a long SQL statement, related to use of the DbiQExec function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.052
EPSS Ranking 89.4%
CVSS Severity
CVSS v2 Score 7.5
Products affected by CVE-2006-6201
- cpe:2.3:a:borland_software:c++_builder:2006
- cpe:2.3:a:borland_software:c++_builder:5.x
- cpe:2.3:a:borland_software:c++_builder:6.x
- cpe:2.3:a:borland_software:c_builder:2006
- cpe:2.3:a:borland_software:delphi:2006
- cpe:2.3:a:borland_software:delphi:5.x
- cpe:2.3:a:borland_software:delphi:6.x
- cpe:2.3:a:borland_software:delphi:7.x
- cpe:2.3:a:borland_software:developer_studio:2006
- cpe:2.3:a:borland_software:idsql32.dll:5.1.0.2
- cpe:2.3:a:borland_software:idsql32.dll:5.1.0.4
- cpe:2.3:a:revilloc:mailserver:*