CVE-2007-4665

Published: Sep 4, 2007Modified: Apr 23, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to cause a denial of service (daemon crash) via an XNET session that makes multiple simultaneous requests to register events, aka CORE-1403.

Affected (1)

Products: Firebirdsql: Firebird

Firebirdsql

1 product

Firebird

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Firebirdsql Firebird	Up to 2.0.1

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (20)

http://secunia.com/advisories/26615

Source: cve@mitre.org

PatchVendor Advisory

http://secunia.com/advisories/29501

Source: cve@mitre.org

http://sourceforge.net/project/shownotes.php?release_id=535898

Source: cve@mitre.org

http://tracker.firebirdsql.org/browse/CORE-1403

Source: cve@mitre.org

http://www.debian.org/security/2008/dsa-1529

Source: cve@mitre.org

http://www.firebirdsql.org/index.php?op=files&id=engine_202

Source: cve@mitre.org

http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf

Source: cve@mitre.org

http://www.securityfocus.com/bid/25497

Source: cve@mitre.org

Patch

http://www.vupen.com/english/advisories/2007/3021

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/36353

Source: cve@mitre.org

http://secunia.com/advisories/26615