Integer Overflow Vulnerability in Firebird SQL by Firebird Foundation
CVE-2008-0387

Currently unrated

Key Information:

Vendor: Firebirdsql
Status: Firebird
Vendor: CVE Published:; 29 January 2008

🔔 Create Firebirdsql Vulnerability Alert

What is CVE-2008-0387?

An integer overflow vulnerability exists in Firebird SQL that affects multiple versions, allowing remote attackers to execute arbitrary code by sending specially crafted XDR requests. Actions such as op_receive, op_start, op_start_and_receive, op_send, op_start_and_send, and op_start_send_and_receive can trigger memory corruption. This could lead to severe security risks if not addressed promptly.

References

http://security.gentoo.org/glsa/glsa-200803-02.xml

vendor-advisoryx_refsource_GENTOO

http://secunia.com/advisories/29203

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/39996

vdb-entryx_refsource_XF

EPSS Score

59% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 29, 2008
Vulnerability Reserved
Jan 22, 2008

CVE-2008-0387 Data

JSON