Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Buffer overflow in OpenBase 10.0.5 and earlier might allow remote authenticated users to execute arbitrary code or cause a denial of service (daemon crash) by creating a stored procedure with a long name and invoking this procedure, which triggers heap corruption.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenBase命令注入及缓冲区溢出漏洞
Vulnerability Description
OpenBase是一款数据库服务器应用,可提供对结构化数据的高速访问。 OpenBase在实现存储过程时存在漏洞,本地攻击者可能利用这些漏洞提升自己的权限。 OpenBase在使用存储过程(如GlobalLog()或OEMLicenseInstall())中存在一些漏洞,如果用户能够创建有超长名称的存储过程的话,就可以触发缓冲区溢出,导致拒绝服务或以root权限执行任意代码;如果向预定义的存储过程注入了一系列反引号(`)的话,就可以注入恶意命令并以root用户权限执行。
CVSS Information
N/A
Vulnerability Type
N/A