CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2007-4669
https://notcve.org/view.php?id=CVE-2007-4669
The Services API in Firebird before 2.0.2 allows remote authenticated users without SYSDBA privileges to read the server log (firebird.log), aka CORE-1148. La Services API del Firebird anterior al 2.0.2 permite a usuarios remotos autenticados sin privilegios SYSDBA leer el log del servidor (firebird.log), también conocido como CORE-1148. • http://secunia.com/advisories/29501 http://sourceforge.net/project/shownotes.php?release_id=535898 http://tracker.firebirdsql.org/browse/CORE-1148 http://www.debian.org/security/2008/dsa-1529 http://www.firebirdsql.org/index.php?op=files&id=engine_202 http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf http://www.securityfocus.com/bid/25497 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 32%CPEs: 2EXPL: 2CVE-2007-3181 – Firebird SQL Fbserver 2.0 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-3181
Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to "an InterBase version of gds32.dll." Desbordamiento de búfer en fbserver.exe de Firebird SQL 2 before 2.0.1 permite a atacantes remotos ejecutar código de su elección mediante un valor p_cnct_count grande en una estructura p_cnct structure en una petición de conexión (0x01) al puerto 3050/tcp, relacionado con "una versión InterBase de gds32.dll". • https://www.exploit-db.com/exploits/30186 http://dvlabs.tippingpoint.com/advisory/TPTI-07-11 http://osvdb.org/37231 http://secunia.com/advisories/25601 http://secunia.com/advisories/25872 http://secunia.com/advisories/29501 http://security.gentoo.org/glsa/glsa-200707-01.xml http://www.debian.org/security/2008/dsa-1529 http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf http://www.securityfocus.com/bid/24436 http://www.vupen.com/english/advisories/2007 •
CVSS: 2.6EPSS: 0%CPEs: 43EXPL: 0CVE-2004-1449
https://notcve.org/view.php?id=CVE-2004-1449
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7 allows remote attackers to determine the location of files on a user's hard drive by obscuring a file upload control and tricking the user into dragging text into that control. • http://bugzilla.mozilla.org/show_bug.cgi?id=206859#c0 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:082 •
CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 3CVE-2003-0281 – Firebird 1.0.2 (FreeBSD 4.7-RELEASE) - Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2003-0281
Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_inet_server, (2) gds_lock_mgr, or (3) gds_drop. Desbordamiento de búfer en Firebird 1.0.2 permite que usuarios locales ejecuten comandos arbitrarios mediante una variable INTERBASE larga cuando se llama a (1) gds_inet_server, (2) gds_lock_mgr, o (3) gds_drop. • https://www.exploit-db.com/exploits/29 https://www.exploit-db.com/exploits/21566 https://www.exploit-db.com/exploits/21565 http://marc.info/?l=bugtraq&m=105259012802997&w=2 http://seclists.org/lists/bugtraq/2002/Jun/0212.html http://secunia.com/advisories/8758 http://security.gentoo.org/glsa/glsa-200405-18.xml http://www.securityfocus.com/bid/7546 https://exchange.xforce.ibmcloud.com/vulnerabilities/11977 •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 1CVE-2003-0197
https://notcve.org/view.php?id=CVE-2003-0197
Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK). Desbordamiento de búfer gds_lock_mgr de Interbase Database 6.x permite a usuarios locales la obtención de privilegios mediante una variable de entorno ISC_LOCK_ENV larga. (INTERBASE_LOCK). • http://archives.neohapsis.com/archives/vulnwatch/2003-q2/0003.html http://marc.info/?l=bugtraq&m=104940730819887&w=2 http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt •