CVE-2008-0387

EUVD-2008-0397
Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 98%
Affected Products (NVD)
VendorProductVersion
firebirdsqlfirebird
𝑥
≤ 1.0.3
firebirdsqlfirebird
1.5 ≤
𝑥
< 1.5.6
firebirdsqlfirebird
2.0.0 ≤
𝑥
< 2.0.4
firebirdsqlfirebird
2.1.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
firebird2
dapper
ignored
edgy
ignored
feisty
ignored
gutsy
dne
hardy
dne
intrepid
dne
jaunty
dne
karmic
dne
firebird2.0
dapper
dne
edgy
dne
feisty
dne
gutsy
ignored
hardy
Fixed 2.0.3.12981.ds1-4
released
intrepid
Fixed 2.0.3.12981.ds1-4
released
jaunty
Fixed 2.0.3.12981.ds1-4
released
karmic
Fixed 2.0.3.12981.ds1-4
released
Common Weakness Enumeration
References
http://secunia.com/advisories/29203
http://secunia.com/advisories/29501
http://security.gentoo.org/glsa/glsa-200803-02.xml
http://securityreason.com/securityalert/3580
http://sourceforge.net/project/shownotes.php?group_id=9028&release_id=570800
http://tracker.firebirdsql.org/browse/CORE-1681
http://www.coresecurity.com/?action=item&id=2095
http://www.debian.org/security/2008/dsa-1529
http://www.securityfocus.com/archive/1/487173/100/0/threaded
http://www.securityfocus.com/bid/27403
https://exchange.xforce.ibmcloud.com/vulnerabilities/39996
http://secunia.com/advisories/29203
http://secunia.com/advisories/29501
http://security.gentoo.org/glsa/glsa-200803-02.xml
http://securityreason.com/securityalert/3580
http://sourceforge.net/project/shownotes.php?group_id=9028&release_id=570800
http://tracker.firebirdsql.org/browse/CORE-1681
http://www.coresecurity.com/?action=item&id=2095
http://www.debian.org/security/2008/dsa-1529
http://www.securityfocus.com/archive/1/487173/100/0/threaded
http://www.securityfocus.com/bid/27403
https://exchange.xforce.ibmcloud.com/vulnerabilities/39996