Stack-Based Buffer Overflow in Firebird Database Software
CVE-2008-0467

Currently unrated

Key Information:

Vendor: Firebirdsql
Status: Firebird
Vendor: CVE Published:; 29 January 2008

🔔 Create Firebirdsql Vulnerability Alert

What is CVE-2008-0467?

A stack-based buffer overflow exists in Firebird database software versions prior to 2.0.4 and 2.1.x before 2.1.0 RC1. This vulnerability could allow remote attackers to execute arbitrary code by sending a specially crafted long username to the database server. The exploitation of this issue showcases the need for proper input validation and security measures within database applications to safeguard against unauthorized access and command execution. Users are advised to upgrade to the latest versions or apply relevant patches to mitigate the risk associated with this vulnerability.

References

http://security.gentoo.org/glsa/glsa-200803-02.xml

vendor-advisoryx_refsource_GENTOO

http://sourceforge.net/project/shownotes.php?release_id=5...

x_refsource_CONFIRM

http://secunia.com/advisories/29203

third-party-advisoryx_refsource_SECUNIA

EPSS Score

23% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 29, 2008
Vulnerability Reserved
Jan 28, 2008

CVE-2008-0467 Data

JSON