Remote Code Execution Vulnerability in Firebird Database Software
CVE-2013-2492

Currently unrated

Key Information:

Vendor: Firebirdsql
Status: Firebird
Vendor: CVE Published:; 15 March 2013

🔔 Create Firebirdsql Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 86%

What is CVE-2013-2492?

A stack-based buffer overflow vulnerability has been identified in the Firebird database server versions 2.1.3 to 2.1.5 and 2.5.1 to 2.5.3 on Windows. This flaw occurs due to a lack of proper size checks during the extraction of a group number from connection (CNCT) information when processing incoming packets on TCP port 3050. Exploiting this vulnerability allows remote attackers to craft malicious packets that could lead to the execution of arbitrary code on the affected systems, posing significant risks to data integrity and confidentiality.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2013-2492 - Proof of Concept

References

https://security.gentoo.org/glsa/201512-11

vendor-advisoryx_refsource_GENTOO

https://gist.github.com/zeroSteiner/85daef257831d904479c

x_refsource_MISC

http://lists.opensuse.org/opensuse-security-announce/2013...

vendor-advisoryx_refsource_SUSE

EPSS Score

86% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Mar 15, 2013
👾
Exploit known to exist
Mar 15, 2013
Vulnerability published
Mar 15, 2013
Vulnerability Reserved
Mar 6, 2013

CVE-2013-2492 Data

JSON