Gupta SQLBase EXECUTE Buffer Overflow Vulnerability

info
discussion
exploit
solution
references

Gupta SQLBase EXECUTE Buffer Overflow Vulnerability

A buffer overflow vulnerability has been reported for SQLBase when using the EXECUTE command.

An attacker can exploit this vulnerability by issuing an EXECUTE command with an overly large value as a parameter. This will cause SQLBase to crash and possibly execute attacker-supplied code with elevated privileges.