CVSS: 5.0EPSS: 7%CPEs: 1EXPL: 0CVE-2007-4666
https://notcve.org/view.php?id=CVE-2007-4666
Unspecified vulnerability in the server in Firebird before 2.0.2, when a Superserver/TCP/IP environment is configured, allows remote attackers to cause a denial of service (CPU and memory consumption) via "large network packets with garbage", aka CORE-1397. Vulnerabilidad no especificada en el servidor Firebird versiones anteriores 2.0.2, cuando un entorno Superserver/TCP/IP está configurado, permite a atacantes remotos provocar una denegación de servicio (agotamiento de CPU y memoria) mediante "paquetes de red grandes con basura", también conocido como CORE-1397. • http://secunia.com/advisories/26615 http://secunia.com/advisories/29501 http://sourceforge.net/project/shownotes.php?release_id=535898 http://tracker.firebirdsql.org/browse/CORE-1397 http://www.debian.org/security/2008/dsa-1529 http://www.firebirdsql.org/index.php?op=files&id=engine_202 http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf http://www.securityfocus.com/bid/25497 http://www.vupen.com/english/advisories/2007/3021 https://exchange.xforce.ibmcloud.com&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 8%CPEs: 1EXPL: 0CVE-2007-4667
https://notcve.org/view.php?id=CVE-2007-4667
Unspecified vulnerability in the Services API in Firebird before 2.0.2 allows remote attackers to cause a denial of service, aka CORE-1149. Vulnerabilidad sin especificar en el Services API del Firebird anterior al 2.0.2, permite a atacantes remotos provocar una denegación de servicio, también conocido como CORE-1149. • http://secunia.com/advisories/26615 http://secunia.com/advisories/29501 http://sourceforge.net/project/shownotes.php?release_id=535898 http://tracker.firebirdsql.org/browse/CORE-1149 http://www.debian.org/security/2008/dsa-1529 http://www.firebirdsql.org/index.php?op=files&id=engine_202 http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf http://www.securityfocus.com/bid/25497 http://www.vupen.com/english/advisories/2007/3021 https://exchange.xforce.ibmcloud.com&#x •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4668
https://notcve.org/view.php?id=CVE-2007-4668
Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to determine the existence of arbitrary files, and possibly obtain other "file access," via unknown vectors, aka CORE-1312. Vulnerabilidad no especificada en el servidor en Firebird anterior a 2.0.2 permite a atacantes remotos determinar la existencia de archivos de su elección, y posiblemente obtener otros "accesos a archivo," a través de vectores desconocidos, también conocido como CORE-1312. • http://secunia.com/advisories/29501 http://sourceforge.net/project/shownotes.php?release_id=535898 http://tracker.firebirdsql.org/browse/CORE-1312 http://www.debian.org/security/2008/dsa-1529 http://www.firebirdsql.org/index.php?op=files&id=engine_202 http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf http://www.securityfocus.com/bid/25497 http://www.vupen.com/english/advisories/2007/3021 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4669
https://notcve.org/view.php?id=CVE-2007-4669
The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA privileges to read the server log (firebird.log), aka CORE-1148. La Services API del Firebird anterior al 2.0.2 permite a usuarios remotos autenticados sin privilegios SYSDBA leer el log del servidor (firebird.log), también conocido como CORE-1148. • http://secunia.com/advisories/29501 http://sourceforge.net/project/shownotes.php?release_id=535898 http://tracker.firebirdsql.org/browse/CORE-1148 http://www.debian.org/security/2008/dsa-1529 http://www.firebirdsql.org/index.php?op=files&id=engine_202 http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf http://www.securityfocus.com/bid/25497 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2007-3527
https://notcve.org/view.php?id=CVE-2007-3527
Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service (CPU consumption) via certain database operations with multi-byte character sets that trigger an attempt to use the value 65536 for a 16-bit integer, which is treated as 0 and causes an infinite loop on zero-length data. Desbordamiento de entero en Firebird 2.0.0 permite a atacantes remotos provocar una denegación de servicio (agotamiento de CPU) mediante determinadas operaciones de base de datos con juegos de caracteres multi-byte que disparan un intento de usar el valor 65536 para un entero de 16 bits, el cual es tratado como 0 y provoca un bucle infinito en datos de longitud cero. • http://osvdb.org/43782 http://secunia.com/advisories/29501 http://tracker.firebirdsql.org/browse/CORE-1063 http://www.debian.org/security/2008/dsa-1529 http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf http://www.securityfocus.com/bid/28473 •