[email protected]CVE-2008-0467

HistoryJan 29, 2008 - 2:00 a.m.

CVE-2008-0467

2008-01-2902:00:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2008-0467

firebird

buffer overflow

remote code execution

nvd

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.176 Low

EPSS

Percentile

96.1%

JSON

Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before 2.1.0 RC1, might allow remote attackers to execute arbitrary code via a long username.

CPENameOperatorVersion
firebirdsql:firebirdfirebirdsql firebirdle2.1
firebirdsql:firebirdfirebirdsql firebirdle2.0.3

CPE	Name	Operator	Version
firebirdsql:firebird	firebirdsql firebird	le	2.1
firebirdsql:firebird	firebirdsql firebird	le	2.0.3

References

secunia.com/advisories/28596

secunia.com/advisories/29203

secunia.com/advisories/29501

security.gentoo.org/glsa/glsa-200803-02.xml

sourceforge.net/project/shownotes.php?group_id=9028&release_id=570800

sourceforge.net/project/shownotes.php?release_id=570816&group_id=9028

tracker.firebirdsql.org/browse/CORE-1603

www.debian.org/security/2008/dsa-1529

www.securityfocus.com/bid/27467

www.securitytracker.com/id?1019277

www.vupen.com/english/advisories/2008/0300

exchange.xforce.ibmcloud.com/vulnerabilities/39981

7.7 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.176 Low

EPSS

Percentile

96.1%

JSON

Related for CVE-2008-0467

saint4 checkpoint_advisories1 securityvulns1 coresecurity1 prion2 ubuntucve1 gentoo1 nessus2 openvas2 cve1 debian1