CVE-2007-5246 Information

Share on:

Feb 14, 2021 cve

Description

Multiple stack-based buffer overflows in Firebird LI 2.0.0.12748 and 2.0.1.12855 and WI 2.0.0.12748 and 2.0.1.12855 allow remote attackers to execute arbitrary code via (1) a long attach request on TCP port 3050 to the isc_attach_database function or (2) a long create request on TCP port 3050 to the isc_create_database function.

Reference

http://bugs.gentoo.org/show_bug.cgi?id=195569 http://risesecurity.org/advisory/RISE-2007003/ http://risesecurity.org/blog/entry/3/ http://risesecurity.org/exploit/16/ http://risesecurity.org/exploit/17/ http://secunia.com/advisories/27057 http://secunia.com/advisories/27982 http://security.gentoo.org/glsa/glsa-200712-06.xml http://www.risesecurity.org/advisory/RISE-2007003/ http://www.securityfocus.com/archive/1/481491/100/0/threaded http://www.securityfocus.com/bid/25917 http://www.securityfocus.com/bid/25925 http://www.securitytracker.com/id?1018773 http://www.vupen.com/english/advisories/2007/3379 https://exchange.xforce.ibmcloud.com/vulnerabilities/36958