- Description
- Multiple stack-based buffer overflows in Firebird LI 1.5.3.4870 and 1.5.4.4910, and WI 1.5.3.4870 and 1.5.4.4910, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the SVC_attach function or (2) unspecified vectors involving the INET_connect function.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 10
- Impact score
- 10
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:C/I:C/A:C
- nvd@nist.gov
- CWE-119
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:firebirdsql:firebird:1.5.3.4870:*:linux:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "39A6767A-8BFF-4EB8-95FF-DD629955AFAB"
},
{
"criteria": "cpe:2.3:a:firebirdsql:firebird:1.5.3.4870:*:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "72FA1E97-E370-4297-B438-7465FF7323F4"
},
{
"criteria": "cpe:2.3:a:firebirdsql:firebird:1.5.4.4910:*:linux:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "9DCBCE4E-49B7-4F6D-8CA0-CD46827D58DB"
},
{
"criteria": "cpe:2.3:a:firebirdsql:firebird:1.5.4.4910:*:windows:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "40BCE9A8-3616-41C2-A42D-845A8DC65B9D"
}
],
"operator": "OR"
}
]
}
]