FrontBase Relational Database Server Procedure Buffer Overflow Vulnerability

FrontBase Relational Database Server Procedure Buffer Overflow Vulnerability

FrontBase Relational Database Server is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.

Attackers must have permission to create SQL-procedures requests.

Exploiting this issue allows attackers to execute arbitrary machine code with superuser or SYSTEM-Level privileges. This will result in a complete compromise of affected computers. Failed exploit attempts will likely result in denial-of-service conditions.

This issue affects FrontBase 4.2.7 and prior versions.