CVE-2008-0467
published 2008-01-29CVE-2008-0467: Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before 2.1.0 RC1, might allow remote attackers to execute arbitrary code via a long username.
PriorityP347critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
6.44%
92.9th percentile
Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before 2.1.0 RC1, might allow remote attackers to execute arbitrary code via a long username.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| damian_frizza | borland_interbase | — | — |
| firebirdsql | firebird | <= 2.0.3 | — |
| firebirdsql | firebird | <= 2.1 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-4xwx-58m8-fvjh: Integer overflow in Borland Interbase 2007 SP2 (8
ghsa_unreviewed·2022-05-01·CVSS 10.0
CVE-2008-2559 [CRITICAL] GHSA-4xwx-58m8-fvjh: Integer overflow in Borland Interbase 2007 SP2 (8
Integer overflow in Borland Interbase 2007 SP2 (8.1.0.256) allows remote attackers to execute arbitrary code via a malformed packet to TCP port 3050, which triggers a stack-based buffer overflow. NOTE: this issue might be related to CVE-2008-0467.
GHSA
GHSA-v684-4fqq-vwgc: Stack-based buffer overflow in Firebird before 2
ghsa_unreviewed·2022-05-01
CVE-2008-0467 [HIGH] CWE-119 GHSA-v684-4fqq-vwgc: Stack-based buffer overflow in Firebird before 2
Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before 2.1.0 RC1, might allow remote attackers to execute arbitrary code via a long username.
No detection rules found.
No public exploits indexed.
http://secunia.com/advisories/28596http://secunia.com/advisories/29203http://secunia.com/advisories/29501http://security.gentoo.org/glsa/glsa-200803-02.xmlhttp://sourceforge.net/project/shownotes.php?group_id=9028&release_id=570800http://sourceforge.net/project/shownotes.php?release_id=570816&group_id=9028http://tracker.firebirdsql.org/browse/CORE-1603http://www.debian.org/security/2008/dsa-1529http://www.securityfocus.com/bid/27467http://www.securitytracker.com/id?1019277http://www.vupen.com/english/advisories/2008/0300https://exchange.xforce.ibmcloud.com/vulnerabilities/39981http://secunia.com/advisories/28596http://secunia.com/advisories/29203http://secunia.com/advisories/29501http://security.gentoo.org/glsa/glsa-200803-02.xmlhttp://sourceforge.net/project/shownotes.php?group_id=9028&release_id=570800http://sourceforge.net/project/shownotes.php?release_id=570816&group_id=9028http://tracker.firebirdsql.org/browse/CORE-1603http://www.debian.org/security/2008/dsa-1529http://www.securityfocus.com/bid/27467http://www.securitytracker.com/id?1019277http://www.vupen.com/english/advisories/2008/0300https://exchange.xforce.ibmcloud.com/vulnerabilities/39981
2008-01-29
Published