CVE Vulnerabilities

CVE-2008-0387

Published: Jan 29, 2008 | Modified: Oct 26, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.8 HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
RedHat/V2
RedHat/V3
Ubuntu

Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption.

Affected Software

Name Vendor Start Version End Version
Firebird Firebirdsql * 1.0.3
Firebird Firebirdsql 2.0.0 *
Firebird Firebirdsql 2.1.0 2.1.0
Firebird Firebirdsql 1.5 *

References