Scalabium dBase Viewer Remote Code Execution via Buffer Overflow

CVE ID

CVE-2021–35297

Description

Buffer overflow vulnerability in dbfview.exe in Scalabium dBase Viewer 2.6 (Build 5.751) allows remote attackers to execute arbitrary code via a crafted DBF file.

Tested Versions

Scalabium dBase Viewer version 2.6 (Build 5.751)

Details

Scalabium dBase Viewer version 2.6 (Build 5.751) is vulnerable to remote code execution via a crafted DBF file that triggers a buffer overflow. An attacker can the Structured Exception Handler (SEH) records and redirect execution to attacker-controlled code.

Timeline

  • 2021-06-07 - Vendor Disclosure
  • 2021-06-09 - Vendor Patched
  • 2021-09-18 - Public Release

Credit

Discovered by Eugene Lim of GovTech Singapore.