Firebirdsql: >> Firebird Security Vulnerabilities
The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site.
CVSS Score
7.5
EPSS Score
0.008
Published
2004-08-18
The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.
CVSS Score
7.5
EPSS Score
0.019
Published
2004-07-27
Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command.
CVSS Score
5.0
EPSS Score
0.475
Published
2004-05-01
Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_inet_server, (2) gds_lock_mgr, or (3) gds_drop.
CVSS Score
4.6
EPSS Score
0.001
Published
2003-06-16
Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK).
CVSS Score
7.2
EPSS Score
0.001
Published
2003-04-11
Backdoor account in Interbase database server allows remote attackers to overwrite arbitrary files using stored procedures.
CVSS Score
10.0
EPSS Score
0.275
Published
2001-02-12
Page 4