CVE-2008-0387
Published: 29 January 2008
Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption.
Priority
Status
Package | Release | Status |
---|---|---|
firebird2 Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
edgy |
Ignored
(end of life, was needed)
|
|
feisty |
Ignored
(end of life, was needed)
|
|
gutsy |
Does not exist
|
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
upstream |
Needed
|
|
firebird2.0 Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
edgy |
Does not exist
|
|
feisty |
Does not exist
|
|
gutsy |
Ignored
(end of life, was needed)
|
|
hardy |
Released
(2.0.3.12981.ds1-4)
|
|
intrepid |
Released
(2.0.3.12981.ds1-4)
|
|
jaunty |
Released
(2.0.3.12981.ds1-4)
|
|
karmic |
Released
(2.0.3.12981.ds1-4)
|
|
upstream |
Needed
|