Published: 14/04/2015 Updated: 03/12/2016

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Multiple stack-based buffer overflows in the ib_fill_isqlda function in dbdimp.c in DBD-Firebird prior to 1.19 allow remote malicious users to have unspecified impact via unknown vectors that trigger an error condition, related to binding octets to columns.

Vulnerable Product	Search on Vulmon	Subscribe to Product
debian debian linux 7.0
debian dbd-firebird

Debian Bug report logs - #780925 DBD-Firebird: CVE-2015-2788: Buffer Overflow in dbdimpc Package: libdbd-firebird-perl; Maintainer for libdbd-firebird-perl is Debian Perl Group <pkg-perl-maintainers@listsaliothdebianorg>; Source for libdbd-firebird-perl is src:libdbd-firebird-perl (PTS, buildd, popcon) Reported by: Damya ...

Stefan Roas discovered a way to cause a buffer overflow in DBD-FireBird, a Perl DBI driver for the Firebird RDBMS, in certain error conditions, due to the use of the sprintf() function to write to a fixed-size memory buffer For the stable distribution (wheezy), this problem has been fixed in version 091-2+deb7u1 For the upcoming stable distribut ...

CWE-119 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780925 https://metacpan.org/source/DAM/DBD-Firebird-1.19/Changes http://www.openwall.com/lists/oss-security/2015/03/30/4 http://www.debian.org/security/2015/dsa-3219 http://www.openwall.com/lists/oss-security/2015/03/30/10 http://www.securityfocus.com/bid/73409 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780925 https://nvd.nist.gov https://www.debian.org/security/./dsa-3219

CVE-2015-2788

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect