← voltar
CVE-2008-0387

CVE-2008-0387

EPSS 45.9%
Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption.
Produtos afetados
n/a · n/a
PoCs públicas encontradas1
exploitdbwww.exploit-db.com/exploits/31050não verificado
⚠ Recursos públicos, para você avaliar a exposição de sistemas que controla ou está autorizado a testar. Teste apenas com autorização.

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
http://secunia.com/advisories/29203http://secunia.com/advisories/29501http://security.gentoo.org/glsa/glsa-200803-02.xmlhttp://securityreason.com/securityalert/3580https://exchange.xforce.ibmcloud.com/vulnerabilities/39996http://sourceforge.net/project/shownotes.php?group_id=9028&release_id=570800http://tracker.firebirdsql.org/browse/CORE-1681http://www.coresecurity.com/?action=item&id=2095http://www.debian.org/security/2008/dsa-1529http://www.securityfocus.com/archive/1/487173/100/0/threadedhttp://www.securityfocus.com/bid/27403