Firebirdsql : Security Vulnerabilities, CVEs, Published In June 2007

CVE-2007-3181

Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to "an InterBase version of gds32.dll."
Max CVSS
10.0
EPSS Score
32.73%
Published
2007-06-12
Updated
2017-07-29

CVE-2006-7214

Multiple unspecified vulnerabilities in Firebird 1.5 allow remote attackers to (1) cause a denial of service (application crash) by sending many remote protocol versions; and (2) cause a denial of service (connection drop) via certain network traffic, as demonstrated by Nessus vulnerability scanning.
Max CVSS
7.8
EPSS Score
1.07%
Published
2007-06-29
Updated
2008-09-05

CVE-2006-7213

Firebird 1.5 allows remote authenticated users without SYSDBA and owner permissions to overwrite a database by creating a database.
Max CVSS
5.5
EPSS Score
0.16%
Published
2007-06-29
Updated
2008-09-05

CVE-2006-7212

Multiple buffer overflows in Firebird 1.5, one of which affects WNET, have unknown impact and attack vectors. NOTE: this issue might overlap CVE-2006-1240.
Max CVSS
6.8
EPSS Score
0.29%
Published
2007-06-29
Updated
2008-09-05

CVE-2006-7211

fb_lock_mgr in Firebird 1.5 uses weak permissions (0666) for the semaphore array, which allows local users to cause a denial of service (blocked query processing) by locking semaphores.
Max CVSS
4.9
EPSS Score
0.04%
Published
2007-06-29
Updated
2008-09-05
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close