Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-5245

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2007-5245
Last Modified 07 Mar 2011 10:00:22
Published 06 Oct 2007 01:17:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-5245

Summary

Multiple stack-based buffer overflows in Firebird LI 1.5.3.4870 and 1.5.4.4910, and WI 1.5.3.4870 and 1.5.4.4910, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the SVC_attach function or (2) unspecified vectors involving the INET_connect function.

Vulnerable Systems

Application

  • Firebirdsql Firebird 1.5.3.4870

  • Firebirdsql Firebird 1.5.4.4910


References

VUPEN - ADV-2007-3380

BID - 25917

MISC - http://risesecurity.org/exploit/18/

MISC - http://risesecurity.org/blog/entry/3/

MISC - http://risesecurity.org/advisory/RISE-2007003/

XF - firebird-attach-connect-bo(36957)

SECTRACK - 1018773

BID - 25925

BUGTRAQ - 20071004 [RISE-2007003] Firebird Relational Database Multiple Buffer Overflow Vulnerabilities

SECUNIA - 28635

SECUNIA - 27066

MISC - http://www.risesecurity.org/advisory/RISE-2007003/


Last Updated: 27 May 2016 11:02:31