CVE-2007-5245Improper Restriction of Operations within the Bounds of a Memory Buffer in Firebird

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
11.3%
top 6.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Firebirdsql Firebird
Timeline
PublishedOct 6
Latest updateMay 1

Description

Multiple stack-based buffer overflows in Firebird LI 1.5.3.4870 and 1.5.4.4910, and WI 1.5.3.4870 and 1.5.4.4910, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the SVC_attach function or (2) unspecified vectors involving the INET_connect function.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDfirebirdsql/firebird1.5.3.4870, 1.5.4.4910+1

🔴Vulnerability Details

2
GHSA
GHSA-56gm-wg67-34qm: Multiple stack-based buffer overflows in Firebird LI 12022-05-01
CVEList
CVE-2007-5245: Multiple stack-based buffer overflows in Firebird LI 12007-10-06
CVE-2007-5245 — Firebirdsql Firebird vulnerability | cvebase