Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0281

Overview

Vulnerability Score 4.6 4.6
CVE Id CVE-2003-0281
Last Modified 05 Sep 2008 04:33:56
Published 16 Jun 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2003-0281

Summary

Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_inet_server, (2) gds_lock_mgr, or (3) gds_drop.

Vulnerable Systems

Application

  • Firebirdsql Firebird 1.0.2


References

XF - firebird-interbase-bo(11977)

BID - 7546

GENTOO - GLSA-200405-18

SECUNIA - 8758

BUGTRAQ - 20020617 Interbase 6.0 malloc() issues

BUGTRAQ - 20030509 Firebird Local exploit


Last Updated: 27 May 2016 10:37:50