CVE-2015-2788

Multiple stack-based buffer overflows in the ib_fill_isqlda function in dbdimp.c in DBD-Firebird before 1.19 allow remote attackers to have unspecified impact via unknown vectors that trigger an error condition, related to binding octets to columns.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
debianCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 91%
VendorProductVersion
debiandebian_linux
7.0
debiandbd-firebird
𝑥
≤ 1.18
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libdbd-firebird-perl
bullseye
1.32-1
fixed
bookworm
1.34-1
fixed
sid
1.35-1
fixed
trixie
1.35-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libdbd-firebird-perl
disco
Fixed 1.18-2
released
cosmic
Fixed 1.18-2
released
bionic
Fixed 1.18-2
released
artful
Fixed 1.18-2
released
zesty
Fixed 1.18-2
released
yakkety
Fixed 1.18-2
released
xenial
Fixed 1.18-2
released
wily
Fixed 1.18-2
released
vivid
Fixed 1.18-2
released
utopic
ignored
trusty
dne
precise
Fixed 0.91-2+deb7u1build0.12.04.1
released
lucid
dne
Common Weakness Enumeration
References
http://www.debian.org/security/2015/dsa-3219
http://www.openwall.com/lists/oss-security/2015/03/30/10
http://www.openwall.com/lists/oss-security/2015/03/30/4
http://www.securityfocus.com/bid/73409
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780925
https://metacpan.org/source/DAM/DBD-Firebird-1.19/Changes
http://www.debian.org/security/2015/dsa-3219
http://www.openwall.com/lists/oss-security/2015/03/30/10
http://www.openwall.com/lists/oss-security/2015/03/30/4
http://www.securityfocus.com/bid/73409
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780925
https://metacpan.org/source/DAM/DBD-Firebird-1.19/Changes