CVE-2014-9323
16.12.2014, 18:59
The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status.Enginsight
| Vendor | Product | Version |
|---|---|---|
| firebirdsql | firebird | 𝑥 < 2.1.7 |
| firebirdsql | firebird | 2.5 ≤ 𝑥 ≤ 2.5.3 |
| opensuse | evergreen | 11.4 |
| debian | debian_linux | 7.0 |
| debian | debian_linux | 8.0 |
| canonical | ubuntu_linux | 14.04 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| firebird2.0 |
| ||||||||||||||||||||||||
| firebird2.1 |
| ||||||||||||||||||||||||
| firebird2.5 |
|
Common Weakness Enumeration
References