Vulnerabilities > Firebirdsql > Firebird > 2.1.4

DATE CVE VULNERABILITY TITLE RISK
2014-12-16 CVE-2014-9323 Null Pointer Dereference vulnerability in multiple products
The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status.
network
low complexity
firebirdsql opensuse debian canonical CWE-476
5.0
5.0
2013-03-15 CVE-2013-2492 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Firebirdsql Firebird
Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information. 		6.8
6.8