Denial of Service Vulnerability in Firebird Database Server
CVE-2014-9323

Currently unrated

Key Information:

Vendor: Firebirdsql
Status: Firebird
Vendor: CVE Published:; 16 December 2014

🔔 Create Firebirdsql Vulnerability Alert

What is CVE-2014-9323?

The xdr_status_vector function in Firebird versions prior to 2.1.7 and in the 2.5.x series before version 2.5.3 SU1 is vulnerable to a denial of service attack. This vulnerability allows remote attackers to exploit a non-empty status in an op_response action, which can result in a NULL pointer dereference, leading to a segmentation fault and subsequent server crash. It is essential for users and administrators to apply the latest updates to mitigate this risk effectively.

References

http://www.debian.org/security/2014/dsa-3109

vendor-advisoryx_refsource_DEBIAN

http://www.firebirdsql.org/en/news/security-updates-for-v...

x_refsource_CONFIRM

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Dec 16, 2014
Vulnerability Reserved
Dec 7, 2014

CVE-2014-9323 Data

JSON