CVE-2016-1569

Published: Jan 13, 2016Modified: May 6, 2026

6.5

Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

FireBird 2.5.5 allows remote authenticated users to cause a denial of service (daemon crash) by using service manager to invoke the gbak utility with an invalid parameter.

Affected (1)

Products: Firebirdsql: Firebird

Firebirdsql

1 product

Firebird

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Firebirdsql Firebird	Version 2.5.5

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177119.html

Source: security@debian.org

http://sourceforge.net/p/firebird/code/62783/

Source: security@debian.org

http://tracker.firebirdsql.org/browse/CORE-5068

Source: security@debian.org

http://www.openwall.com/lists/oss-security/2016/01/10/2

Source: security@debian.org

http://www.openwall.com/lists/oss-security/2016/01/10/3

Source: security@debian.org

Exploit

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177119.html