Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown
CVE-2017-6369
Disclosure Date: March 24, 2017 (last updated November 26, 2024)
Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so.
1
Attacker Value
Moderate
CVE-2013-2492
Disclosure Date: March 15, 2013 (last updated October 05, 2023)
Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.
0
Attacker Value
Unknown
CVE-2017-11509
Disclosure Date: March 28, 2018 (last updated November 26, 2024)
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement.
0
Attacker Value
Unknown
CVE-2016-1569
Disclosure Date: January 13, 2016 (last updated November 25, 2024)
FireBird 2.5.5 allows remote authenticated users to cause a denial of service (daemon crash) by using service manager to invoke the gbak utility with an invalid parameter.
0
Attacker Value
Unknown
CVE-2012-5529
Disclosure Date: November 20, 2012 (last updated October 05, 2023)
TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by preparing an empty dynamic SQL query.
0
Attacker Value
Unknown
CVE-2009-2620
Disclosure Date: July 29, 2009 (last updated October 04, 2023)
src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that triggers an infinite loop or NULL pointer dereference.
0
