CVE-2007-4992 Information

Description

Stack-based buffer overflow in the process_packet function in fbserver.exe in Firebird SQL 2.0.2 allows remote attackers to execute arbitrary code via a long request to TCP port 3050.

Reference

http://bugs.gentoo.org/show_bug.cgi?id=195569 http://secunia.com/advisories/27982 http://security.gentoo.org/glsa/glsa-200712-06.xml http://securitytracker.com/id?1018802 http://www.firebirdsql.org/rlsnotes/Firebird-2.0.3-ReleaseNotes.pdf http://www.securityfocus.com/archive/1/482025/100/0/threaded http://www.securityfocus.com/bid/26011 http://www.zerodayinitiative.com/advisories/ZDI-07-057.html https://exchange.xforce.ibmcloud.com/vulnerabilities/37079