CVE-2007-5244

Borland InterBase 8.0.0.53-8.1.0.253 - Remote Code Execution via Long Attach Request

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2007-5244. PoCs published by Metasploit, Adriano Lima, Ramon de C Valle, including Metasploit module exploits/linux/misc/ib_open_marker_file.

AI-analyzed exploit summary This exploit targets a stack buffer overflow in Borland InterBase via a crafted attach request. It leverages a known return address to execute arbitrary payloads, achieving remote code execution.

Description

Stack-based buffer overflow in Borland InterBase LI 8.0.0.53 through 8.1.0.253 on Linux, and possibly unspecified versions on Solaris, allows remote attackers to execute arbitrary code via a long attach request on TCP port 3050 to the open_marker_file function.

Exploits (3)

exploitdb WORKING POC VERIFIED
by Metasploit · rubyremotelinux
https://www.exploit-db.com/exploits/16840

This exploit targets a stack buffer overflow in Borland InterBase via a crafted attach request. It leverages a known return address to execute arbitrary payloads, achieving remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Borland InterBase LI-V8.0.0.53, LI-V8.0.0.54, LI-V8.1.0.253
No auth needed
Prerequisites: Network access to target port 3050 · Vulnerable InterBase version
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by Adriano Lima · rubyremotelinux
https://www.exploit-db.com/exploits/10019

This exploit targets a stack-based buffer overflow in Borland InterBase via a crafted attach request. It leverages a known return address to execute arbitrary payloads, achieving remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Borland InterBase LI-V8.0.0.53, LI-V8.0.0.54, LI-V8.1.0.253
No auth needed
Prerequisites: Network access to target port 3050 · Vulnerable InterBase version
devstral-2 · analyzed Feb 16, 2026 Full analysis →
metasploit WORKING POC GOOD
by Ramon de C Valle · rubypoclinux
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/misc/ib_open_marker_file.rb

This Metasploit module exploits a stack buffer overflow in Borland InterBase via a crafted attach request, targeting versions LI-V8.0.0.53, LI-V8.0.0.54, and LI-V8.1.0.253. It delivers a payload to achieve remote code execution on Linux systems.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Borland InterBase LI-V8.0.0.53, LI-V8.0.0.54, LI-V8.1.0.253
No auth needed
Prerequisites: Network access to target's InterBase port (3050)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (9)

Core 9
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25917
Exploit x_refsource_misc
http://risesecurity.org/blog/entry/3/
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36956
Exploit x_refsource_misc
http://risesecurity.org/exploit/11/
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1018772
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3381
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/38610
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27058

Scores

EPSS 0.3750
EPSS Percentile 98.3%

Details

CWE
CWE-119
Status published
Products (3)
borland_software/interbase li_8.0.0.53
borland_software/interbase li_8.0.0.54
borland_software/interbase li_8.0.0.253
Published Oct 06, 2007
Tracked Since Feb 18, 2026