Vulnerabilities > Firebirdsql
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-06-29 | CVE-2006-7213 | Remote vulnerability in Firebirdsql Firebird 1.5 Firebird 1.5 allows remote authenticated users without SYSDBA and owner permissions to overwrite a database by creating a database. | 5.5 |
2007-06-29 | CVE-2006-7212 | Remote vulnerability in Firebirdsql Firebird 1.5 Multiple buffer overflows in Firebird 1.5, one of which affects WNET, have unknown impact and attack vectors. network firebirdsql | 6.8 |
2007-06-29 | CVE-2006-7211 | Remote vulnerability in Firebirdsql Firebird 1.5 fb_lock_mgr in Firebird 1.5 uses weak permissions (0666) for the semaphore array, which allows local users to cause a denial of service (blocked query processing) by locking semaphores. | 4.9 |
2007-06-12 | CVE-2007-3181 | Remote Buffer Overflow vulnerability in Firebird SQL Fbserver Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to "an InterBase version of gds32.dll." Failed exploit attempts will likely cause a denial of service on the server. | 10.0 |
2007-05-11 | CVE-2007-2606 | Buffer Overflow vulnerability in Firebirdsql Firebird 2.1 Multiple buffer overflows in Firebird 2.1 allow attackers to trigger memory corruption and possibly have other unspecified impact via certain input processed by (1) config\ConfigFile.cpp or (2) msgs\check_msgs.epp. | 7.8 |
2006-03-15 | CVE-2006-1241 | Local Inet_Server Buffer Overflow vulnerability in Firebirdsql Firebird 1.5.2.4731 Firebird 1.5.2.4731 installs (1) fb_lock_mgr, (2) gds_drop, and (3) fb_inet_server with setuid firebird permissions, which might allow local users to gain privileges via a buffer overflow as identified by CVE-2006-1240, or possibly other vulnerabilities. | 4.6 |
2006-03-15 | CVE-2006-1240 | Local Inet_Server Buffer Overflow vulnerability in Firebirdsql Firebird 1.5/1.5.1/1.5.2 Buffer overflow in inet_server.cpp in (1) fb_inet_server and (2) fbserver in Firebird 1.5.2.4731 allows local users to gain privileges via a long value of the -p argument. | 4.6 |
2004-12-31 | CVE-2004-1449 | File-Upload vulnerability in Browser Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 allows remote attackers to determine the location of files on a user's hard drive by obscuring a file upload control and tricking the user into dragging text into that control. | 2.6 |
2004-08-18 | CVE-2004-0779 | Remote Security vulnerability in Firebird The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site. | 7.5 |
2004-07-27 | CVE-2004-0718 | Multiple vulnerability Fixed in SCO OpenServer Release 5.0.7 Maintenance Pack 4 Released - The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability. | 7.5 |