Vulnerabilities > Firebirdsql
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-10-06 | CVE-2007-5246 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Firebirdsql Firebird 2.0.0.12748/2.0.1.12855 Multiple stack-based buffer overflows in Firebird LI 2.0.0.12748 and 2.0.1.12855, and WI 2.0.0.12748 and 2.0.1.12855, allow remote attackers to execute arbitrary code via (1) a long attach request on TCP port 3050 to the isc_attach_database function or (2) a long create request on TCP port 3050 to the isc_create_database function. | 10.0 |
| 2007-10-06 | CVE-2007-5245 | Buffer Errors vulnerability in Firebirdsql Firebird 1.5.3.4870/1.5.4.4910 Multiple stack-based buffer overflows in Firebird LI 1.5.3.4870 and 1.5.4.4910, and WI 1.5.3.4870 and 1.5.4.4910, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the SVC_attach function or (2) unspecified vectors involving the INET_connect function. | 10.0 |
| 2007-09-04 | CVE-2007-4669 | Permissions, Privileges, and Access Controls vulnerability in Firebirdsql Firebird The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA privileges to read the server log (firebird.log), aka CORE-1148. | 4.0 |
| 2007-09-04 | CVE-2007-4668 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Firebirdsql Firebird Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to determine the existence of arbitrary files, and possibly obtain other "file access," via unknown vectors, aka CORE-1312. | 5.0 |
| 2007-09-04 | CVE-2007-4667 | Multiple vulnerability in Firebird Unspecified vulnerability in the Services API in Firebird before 2.0.2 allows remote attackers to cause a denial of service, aka CORE-1149. | 5.0 |
| 2007-09-04 | CVE-2007-4666 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Firebirdsql Firebird Unspecified vulnerability in the server in Firebird before 2.0.2, when a Superserver/TCP/IP environment is configured, allows remote attackers to cause a denial of service (CPU and memory consumption) via "large network packets with garbage", aka CORE-1397. | 5.0 |
| 2007-09-04 | CVE-2007-4665 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Firebirdsql Firebird Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to cause a denial of service (daemon crash) via an XNET session that makes multiple simultaneous requests to register events, aka CORE-1403. | 5.0 |
| 2007-09-04 | CVE-2007-4664 | Improper Input Validation vulnerability in Firebirdsql Firebird Unspecified vulnerability in the (1) attach database and (2) create database functionality in Firebird before 2.0.2, when a filename exceeds MAX_PATH_LEN, has unknown impact and attack vectors, aka CORE-1405. | 7.5 |
| 2007-07-03 | CVE-2007-3527 | Remote Denial Of Service vulnerability in Firebirdsql Firebird 2.0.0 Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service (CPU consumption) via certain database operations with multi-byte character sets that trigger an attempt to use the value 65536 for a 16-bit integer, which is treated as 0 and causes an infinite loop on zero-length data. | 6.8 |
| 2007-06-29 | CVE-2006-7214 | Remote vulnerability in Firebirdsql Firebird 1.5 Multiple unspecified vulnerabilities in Firebird 1.5 allow remote attackers to (1) cause a denial of service (application crash) by sending many remote protocol versions; and (2) cause a denial of service (connection drop) via certain network traffic, as demonstrated by Nessus vulnerability scanning. | 7.8 |