header-logo
Suggest Exploit
vendor:
StarTeam
by:
SecurityFocus
7.5
CVSS
HIGH
Multiple Integer-Overflow, Heap-Overflow and Denial-of-Service Vulnerabilities
119, 190, 400
CWE
Product Name: StarTeam
Affected Version From: Borland StarTeam Server 2008 and MPX products
Affected Version To: Other versions may also be affected
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Borland StarTeam Multiple Vulnerabilities

Borland StarTeam is prone to multiple issues, including multiple integer-overflow vulnerabilities, a heap-overflow vulnerability, and a denial-of-service vulnerability. Successfully exploiting these issues allows remote attackers to execute arbitrary machine code in the context of vulnerable server processes. These issues may facilitate the remote compromise of affected computers. Attackers may also trigger denial-of-service conditions.

Mitigation:

Users should apply the appropriate updates from the vendor to help mitigate the risk of exploitation.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/28080/info

Borland StarTeam is prone to multiple issues, including multiple integer-overflow vulnerabilities, a heap-overflow vulnerability, and a denial-of-service vulnerability.

Successfully exploiting these issues allows remote attackers to execute arbitrary machine code in the context of vulnerable server processes. These issues may facilitate the remote compromise of affected computers. Attackers may also trigger denial-of-service conditions.

NOTE: The StarTeam MPX vulnerabilities may actually be related to a TIBCO SmartSocket DLL, but this has not been confirmed. We may update this BID as more information emerges.

Borland StarTeam Server 2008 and MPX products are vulnerable to these issues; other versions may also be affected. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/31327-1.zip
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/31327-2.zip

Navigation

Suggest Exploit

Services By CQR