Launchpad CVE tracker

CVE 2008-0387

Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption.

Related bugs and status

CVE-2008-0387 (Candidate) is related to these bugs:

Bug #210141: [firebird] [DSA-1529-1] Debian recommends upgrade to firebird2, support for firebird1.5 discontinued

Summary				In	Importance	Status
	210141	[firebird] [DSA-1529-1] Debian recommends upgrade to firebird2, support for firebird1.5 discontinued		firebird1.5 (Ubuntu)	Undecided	Won't Fix
	210141	[firebird] [DSA-1529-1] Debian recommends upgrade to firebird2, support for firebird1.5 discontinued		firebird2 (Ubuntu)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

References

CONFIRM: http://tracker.firebir...
BID: 27403
GENTOO: GLSA-200803-02
SECUNIA: 29203
DEBIAN: DSA-1529
SECUNIA: 29501
SREASON: 3580
MISC: http://www.coresecurit...
CONFIRM: http://sourceforge.net...
XF: firebird-xdrprotocol-i...
BUGTRAQ: 20080128 CORE-2007-121...

Launchpad.net

CVE 2008-0387

Related bugs and status

Related bugs

References