Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-5529

Overview

Vulnerability Score 3.5 3.5
CVE Id CVE-2012-5529
Last Modified 14 May 2013 11:32:24
Published 19 Nov 2012 07:55:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication SINGLE_INSTANCE

CVE-2012-5529

Summary

TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by preparing an empty dynamic SQL query.

Vulnerable Systems

Application

  • Firebirdsql Firebird 2.5.0

  • Firebirdsql Firebird 2.5.1


References

XF - firebird-tracedsqlprepareprepare-dos(80073)

SECTRACK - 1027769

BID - 56521

MLIST - [oss-security] 20121114 Re: CVE Request -- firebird: DoS (NULL pointer dereference) while preparing an empty query with trace enabled

MLIST - [oss-security] 20121114 CVE Request -- firebird: DoS (NULL pointer dereference) while preparing an empty query with trace enabled

CONFIRM - http://tracker.firebirdsql.org/browse/CORE-3884

DEBIAN - DSA-2648


Last Updated: 27 May 2016 10:55:05