7.8
CVE-2008-0387
- EPSS 45.87%
- Veröffentlicht 29.01.2008 02:00:00
- Zuletzt bearbeitet 16.06.2026 22:49:30
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Firebirdsql ≫ Firebird Version <= 1.0.3
Firebirdsql ≫ Firebird Version >= 1.5 < 1.5.6
Firebirdsql ≫ Firebird Version >= 2.0.0 < 2.0.4
Firebirdsql ≫ Firebird Version2.1.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 45.87% | 0.986 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 10 | 6.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:C
|
http://secunia.com/advisories/29501
http://www.debian.org/security/2008/dsa-1529
http://secunia.com/advisories/29203
http://security.gentoo.org/glsa/glsa-200803-02.xml
http://securityreason.com/securityalert/3580
http://sourceforge.net/project/shownotes.php?group_id=9028&release_id=570800
http://tracker.firebirdsql.org/browse/CORE-1681
http://www.coresecurity.com/?action=item&id=2095
http://www.securityfocus.com/archive/1/487173/100/0/threaded
http://www.securityfocus.com/bid/27403
https://exchange.xforce.ibmcloud.com/vulnerabilities/39996