CVE-2013-2492

Public Exploit

Description

Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.

References

Link	Tags
https://security.gentoo.org/glsa/201512-11	vendor advisory
https://gist.github.com/zeroSteiner/85daef257831d904479c	exploit
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00036.html	vendor advisory
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/fb_cnct_group.rb	exploit
http://www.securityfocus.com/bid/58393	vdb entry
http://www.debian.org/security/2013/dsa-2648	vendor advisory
http://tracker.firebirdsql.org/browse/CORE-4058	exploit vendor advisory
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00039.html	vendor advisory
http://www.debian.org/security/2013/dsa-2647	vendor advisory

Frequently Asked Questions

What is the severity of CVE-2013-2492?: CVE-2013-2492 has been scored as a medium severity vulnerability.
How to fix CVE-2013-2492?: To fix CVE-2013-2492, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2013-2492 being actively exploited in the wild?: It is possible that CVE-2013-2492 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~85% probability that this vulnerability will be exploited by malicious actors in the next 30 days.

Description

Category

CWE-119 – Improper Restriction of Operations within the Bounds of a Memory Buffer

References

Frequently Asked Questions