CVE-2012-5529 Information

Description

TraceManager in Firebird 2.5.0 and 2.5.1 when trace is enabled allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by preparing an empty dynamic SQL query.

Reference

http://tracker.firebirdsql.org/browse/CORE-3884 http://www.debian.org/security/2013/dsa-2648 http://www.openwall.com/lists/oss-security/2012/11/14/6 http://www.openwall.com/lists/oss-security/2012/11/14/8 http://www.securityfocus.com/bid/56521 http://www.securitytracker.com/id?1027769 https://exchange.xforce.ibmcloud.com/vulnerabilities/80073