Firebird Security Vulnerabilities and Issues — Firebird CVE List

Lucene search

FirebirdsqlFirebird

5 matches found

CVE•added 2003/06/16 4:0 a.m.•47 views

CVE-2003-0281

Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_inet_server, (2) gds_lock_mgr, or (3) gds_drop.

4.6CVSS7.5AI score0.00121EPSS

CVE•added 2006/03/15 5:6 p.m.•41 views

CVE-2006-1240

Buffer overflow in inet_server.cpp in (1) fb_inet_server and (2) fbserver in Firebird 1.5.2.4731 allows local users to gain privileges via a long value of the -p argument.

4.6CVSS6.7AI score0.00329EPSS

CVE•added 2007/09/04 10:17 p.m.•41 views

CVE-2007-4669

The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA privileges to read the server log (firebird.log), aka CORE-1148.

4CVSS6.1AI score0.00364EPSS

CVE•added 2006/03/15 5:6 p.m.•39 views

CVE-2006-1241

Firebird 1.5.2.4731 installs (1) fb_lock_mgr, (2) gds_drop, and (3) fb_inet_server with setuid firebird permissions, which might allow local users to gain privileges via a buffer overflow as identified by CVE-2006-1240, or possibly other vulnerabilities.

4.6CVSS7.3AI score0.00329EPSS

CVE•added 2007/06/29 6:30 p.m.•37 views

CVE-2006-7211

fb_lock_mgr in Firebird 1.5 uses weak permissions (0666) for the semaphore array, which allows local users to cause a denial of service (blocked query processing) by locking semaphores.

4.9CVSS6.2AI score0.00036EPSS