CVE Vulnerability

CVE-2007-4668

Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to determine the existence of arbitrary files, and possibly obtain other "file access," via unknown vectors, aka CORE-1312.

5 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 10 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

Scope

References
Link Resource
http://tracker.firebirdsql.org/browse/CORE-1312
http://sourceforge.net/project/shownotes.php?release_id=535898 Patch
http://www.firebirdsql.org/index.php?op=files&id=engine_202
http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf
http://www.securityfocus.com/bid/25497 Patch
http://www.debian.org/security/2008/dsa-1529
http://secunia.com/advisories/29501
http://www.vupen.com/english/advisories/2007/3021
Configurations

Configuration 1

cpe:2.3:a:firebirdsql:firebird:*:*:*:*:*:*:*:*
Information

Published : 2007-09-04 10:17

Updated : 2011-03-08 02:58

NVD link : CVE-2007-4668

Mitre link : CVE-2007-4668

Products Affected
No products.
CWE
CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-264