CVE-2006-1241 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Firebird

3 documents3 sources

Severity

4.6MEDIUMNVD

EPSS

0.1%

top 83.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Firebirdsql Firebird

Timeline

PublishedMar 15

Latest updateMay 1

Description

Firebird 1.5.2.4731 installs (1) fb_lock_mgr, (2) gds_drop, and (3) fb_inet_server with setuid firebird permissions, which might allow local users to gain privileges via a buffer overflow as identified by CVE-2006-1240, or possibly other vulnerabilities.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

▶NVDfirebirdsql/firebird1.5.2.4731

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-5hgf-q6f7-84qq: Firebird 1↗2022-05-01

▶

CVEList

CVE-2006-1241: Firebird 1↗2006-03-15

▶