Vulnerabilities > Firebirdsql > Firebird > 2.5.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-03-24 | CVE-2017-6369 | Missing Authorization vulnerability in Firebirdsql Firebird Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so. | 6.5 |
2014-12-16 | CVE-2014-9323 | Null Pointer Dereference vulnerability in multiple products The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status. | 5.0 |
2013-03-15 | CVE-2013-2492 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Firebirdsql Firebird Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information. | 6.8 |