Denial of Service Vulnerability in Firebird Database by Authenticated Users
CVE-2012-5529

Currently unrated

Key Information:

Vendor: Firebirdsql
Status: Firebird
Vendor: CVE Published:; 20 November 2012

🔔 Create Firebirdsql Vulnerability Alert

What is CVE-2012-5529?

The TraceManager in Firebird database versions 2.5.0 and 2.5.1 contains a vulnerability that allows remote authenticated users to trigger a denial of service. This occurs when trace is enabled, and users execute an empty dynamic SQL query, leading to a NULL pointer dereference and subsequent crash of the server. To mitigate this risk, users are advised to disable tracing or upgrade to the latest versions where this vulnerability is addressed.

References

http://www.securitytracker.com/id?1027769

vdb-entryx_refsource_SECTRACK

https://exchange.xforce.ibmcloud.com/vulnerabilities/80073

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/56521

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 20, 2012
Vulnerability Reserved
Oct 24, 2012

CVE-2012-5529 Data

JSON