Firebirdsql: >> Firebird >> 2.1.5 Security Vulnerabilities
The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status.
CVSS Score
5.0
EPSS Score
0.017
Published
2014-12-16
Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.
CVSS Score
6.8
EPSS Score
0.853
Published
2013-03-15