CVE-2015-2788

EUVD-2015-2877
Multiple stack-based buffer overflows in the ib_fill_isqlda function in dbdimp.c in DBD-Firebird before 1.19 allow remote attackers to have unspecified impact via unknown vectors that trigger an error condition, related to binding octets to columns.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
Affected Products (NVD)
VendorProductVersion
debiandebian_linux
7.0
debiandbd-firebird
𝑥
≤ 1.18
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libdbd-firebird-perl
bookworm
1.34-1
fixed
bullseye
1.32-1
fixed
sid
1.35-1
fixed
trixie
1.35-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libdbd-firebird-perl
artful
Fixed 1.18-2
released
bionic
Fixed 1.18-2
released
cosmic
Fixed 1.18-2
released
disco
Fixed 1.18-2
released
lucid
dne
precise
Fixed 0.91-2+deb7u1build0.12.04.1
released
trusty
dne
utopic
ignored
vivid
Fixed 1.18-2
released
wily
Fixed 1.18-2
released
xenial
Fixed 1.18-2
released
yakkety
Fixed 1.18-2
released
zesty
Fixed 1.18-2
released
Common Weakness Enumeration
References
http://www.debian.org/security/2015/dsa-3219
http://www.openwall.com/lists/oss-security/2015/03/30/10
http://www.openwall.com/lists/oss-security/2015/03/30/4
http://www.securityfocus.com/bid/73409
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780925
https://metacpan.org/source/DAM/DBD-Firebird-1.19/Changes
http://www.debian.org/security/2015/dsa-3219
http://www.openwall.com/lists/oss-security/2015/03/30/10
http://www.openwall.com/lists/oss-security/2015/03/30/4
http://www.securityfocus.com/bid/73409
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780925
https://metacpan.org/source/DAM/DBD-Firebird-1.19/Changes