CVE-2007-3527

NameCVE-2007-3527
DescriptionInteger overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service (CPU consumption) via certain database operations with multi-byte character sets that trigger an attempt to use the value 65536 for a 16-bit integer, which is treated as 0 and causes an infinite loop on zero-length data.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-1529-1
NVD severitymedium (attack range: remote)
Debian Bugs441405

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
firebird2sourcesarge(unfixed)medium
firebird2.0source(unstable)2.0.3.12981.ds1-1medium441405

Notes

[etch] - firebird2 <no-dsa> (Fixed packages have been released through backports.org, see #1529)

Search for package or bug name: Reporting problems