CVE Vulnerabilities

CVE-2008-0387

Published: Jan 29, 2008 | Modified: Oct 26, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu
UNTRIAGED

Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption.

Affected Software

Name Vendor Start Version End Version
Firebird Firebirdsql * 1.0.3 (including)
Firebird Firebirdsql 1.5 (including) 1.5.6 (excluding)
Firebird Firebirdsql 2.0.0 (including) 2.0.4 (excluding)
Firebird Firebirdsql 2.1.0 (including) 2.1.0 (including)
Firebird2 Ubuntu dapper *
Firebird2 Ubuntu edgy *
Firebird2 Ubuntu feisty *
Firebird2 Ubuntu upstream *
Firebird2.0 Ubuntu devel *
Firebird2.0 Ubuntu gutsy *
Firebird2.0 Ubuntu hardy *
Firebird2.0 Ubuntu intrepid *
Firebird2.0 Ubuntu jaunty *
Firebird2.0 Ubuntu karmic *
Firebird2.0 Ubuntu upstream *

References