Vulnerabilities > Firebirdsql

DATE CVE VULNERABILITY TITLE RISK
2007-06-29 CVE-2006-7213 Remote vulnerability in Firebirdsql Firebird 1.5
Firebird 1.5 allows remote authenticated users without SYSDBA and owner permissions to overwrite a database by creating a database.
network
low complexity
firebirdsql
5.5
2007-06-29 CVE-2006-7212 Remote vulnerability in Firebirdsql Firebird 1.5
Multiple buffer overflows in Firebird 1.5, one of which affects WNET, have unknown impact and attack vectors.
network
firebirdsql
6.8
2007-06-29 CVE-2006-7211 Remote vulnerability in Firebirdsql Firebird 1.5
fb_lock_mgr in Firebird 1.5 uses weak permissions (0666) for the semaphore array, which allows local users to cause a denial of service (blocked query processing) by locking semaphores.
local
low complexity
firebirdsql
4.9
2007-06-12 CVE-2007-3181 Remote Buffer Overflow vulnerability in Firebird SQL Fbserver
Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to "an InterBase version of gds32.dll." Failed exploit attempts will likely cause a denial of service on the server.
network
low complexity
bakbone firebirdsql
critical
10.0
2007-05-11 CVE-2007-2606 Buffer Overflow vulnerability in Firebirdsql Firebird 2.1
Multiple buffer overflows in Firebird 2.1 allow attackers to trigger memory corruption and possibly have other unspecified impact via certain input processed by (1) config\ConfigFile.cpp or (2) msgs\check_msgs.epp.
network
low complexity
firebirdsql
7.8
2006-03-15 CVE-2006-1241 Local Inet_Server Buffer Overflow vulnerability in Firebirdsql Firebird 1.5.2.4731
Firebird 1.5.2.4731 installs (1) fb_lock_mgr, (2) gds_drop, and (3) fb_inet_server with setuid firebird permissions, which might allow local users to gain privileges via a buffer overflow as identified by CVE-2006-1240, or possibly other vulnerabilities.
local
low complexity
firebirdsql
4.6
2006-03-15 CVE-2006-1240 Local Inet_Server Buffer Overflow vulnerability in Firebirdsql Firebird 1.5/1.5.1/1.5.2
Buffer overflow in inet_server.cpp in (1) fb_inet_server and (2) fbserver in Firebird 1.5.2.4731 allows local users to gain privileges via a long value of the -p argument.
local
low complexity
firebirdsql
4.6
2004-12-31 CVE-2004-1449 File-Upload vulnerability in Browser
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 allows remote attackers to determine the location of files on a user's hard drive by obscuring a file upload control and tricking the user into dragging text into that control.
network
high complexity
firebirdsql mozilla
2.6
2004-08-18 CVE-2004-0779 Remote Security vulnerability in Firebird
The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site.
network
low complexity
firebirdsql mozilla
7.5
2004-07-27 CVE-2004-0718 Multiple vulnerability Fixed in SCO OpenServer Release 5.0.7 Maintenance Pack 4 Released -
The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
network
low complexity
firebirdsql mozilla netscape
7.5