CVE-2007-2606 Information

Description

Multiple buffer overflows in Firebird 2.1 allow attackers to trigger memory corruption and possibly have other unspecified impact via certain input processed by (1) config\ConfigFile.cpp or (2) msgs\check_msgs.epp. NOTE: if ConfigFile.cpp reads a configuration file with restrictive permissions then the ConfigFile.cpp vector may not cross privilege boundaries and perhaps should not be included in CVE.

Reference

http://osvdb.org/37308 http://osvdb.org/37309 http://secunia.com/advisories/29501 http://securityreason.com/securityalert/2708 http://www.debian.org/security/2008/dsa-1529 http://www.securityfocus.com/archive/1/468070/100/0/threaded http://www.securityfocus.com/bid/28478 https://exchange.xforce.ibmcloud.com/vulnerabilities/34201