CVE-2008-0467

Summary

CVE	CVE-2008-0467
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2008-01-29 02:00:00 UTC
Updated	2017-08-08 01:29:00 UTC
Description	Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before 2.1.0 RC1, might allow remote attackers to execute arbitrary code via a long username.

Risk And Classification

Problem Types: CWE-119

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Firebirdsql	Firebird	All	All	All	All
Application	Firebirdsql	Firebird	All	rc1	All	All

References

Reference	Source	Link	Tags
Debian firebird2 Multiple Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com	SECUNIA	secunia.com
Firebird download \| SourceForge.net	CONFIRM	sourceforge.net
[#CORE-1603] Possible buffer overflow with long user name - Firebird RDBMS Issue Tracker	CONFIRM	tracker.firebirdsql.org
Firebird Username Remote Buffer Overflow Vulnerability	BID	www.securityfocus.com
IBM X-Force Exchange	XF	exchange.xforce.ibmcloud.com
Webmail : Solution de messagerie professionnelle - OVHcloud- OVH	VUPEN	www.vupen.com
Firebird download \| SourceForge.net	CONFIRM	sourceforge.net
Debian -- Security Information -- DSA-1529-1 firebird	DEBIAN	www.debian.org
SecurityTracker.com Archives - Firebird Buffer Overflow in Processing 'username' Lets Remote Users Execute Arbitrary Code	SECTRACK	www.securitytracker.com
Firebird Multiple Vulnerabilities - Secunia Advisories - Vulnerability Intelligence - Secunia.com	SECUNIA	secunia.com	Vendor Advisory
Firebird: Multiple vulnerabilities — Gentoo Linux Documentation	GENTOO	security.gentoo.org
Gentoo update for firebird - Advisories - Secunia	SECUNIA	secunia.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.