Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption.
Weaknesses in this category are related to improper calculation or conversion of numbers.
| Link | Tags |
|---|---|
| http://security.gentoo.org/glsa/glsa-200803-02.xml | third party advisory vendor advisory |
| http://secunia.com/advisories/29203 | third party advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/39996 | vdb entry third party advisory |
| http://www.coresecurity.com/?action=item&id=2095 | third party advisory |
| http://sourceforge.net/project/shownotes.php?group_id=9028&release_id=570800 | third party advisory |
| http://www.securityfocus.com/archive/1/487173/100/0/threaded | mailing list vdb entry third party advisory |
| http://secunia.com/advisories/29501 | third party advisory |
| http://securityreason.com/securityalert/3580 | third party advisory |
| http://www.securityfocus.com/bid/27403 | vdb entry third party advisory |
| http://tracker.firebirdsql.org/browse/CORE-1681 | vendor advisory |
| http://www.debian.org/security/2008/dsa-1529 | third party advisory vendor advisory |