Scalabium dBase Viewer Remote Code Execution via Buffer Overflow
Buffer overflow vulnerability in dbfview.exe in Scalabium dBase Viewer 2.6 (Build 5.751) allows remote attackers to execute arbitrary code via a crafted DBF file.
Scalabium dBase Viewer version 2.6 (Build 5.751)
Scalabium dBase Viewer version 2.6 (Build 5.751) is vulnerable to remote code execution via a crafted DBF file that triggers a buffer overflow. An attacker can overwrite the Structured Exception Handler (SEH) records and redirect execution to attacker-controlled code.
- 2021-06-07 - Vendor Disclosure
- 2021-06-09 - Vendor Patched
- 2021-09-18 - Public Release
Discovered by Eugene Lim of GovTech Singapore.