PT-2008-2019 · Firebird · Firebird Sql

Damian Frizza · Published 2008-01-29 · Updated 2018-10-26 · CVE-2008-0387

CVSS v2.0: 7.8 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Firebird SQL versions 1.0.3 and earlier
Firebird SQL versions 1.5.x before 1.5.6
Firebird SQL versions 2.0.x before 2.0.4
Firebird SQL versions 2.1.x before 2.1.0 RC1

Description

The issue is related to an integer overflow that might allow remote attackers to execute arbitrary code. This can be triggered via crafted XDR requests, including op_receive, op_start, op_start_and_receive, op_send, op_start_and_send, and op_start_send_and_receive, which can cause memory corruption.

Recommendations

For Firebird SQL versions 1.0.3 and earlier, update to a version later than 1.0.3.
For Firebird SQL versions 1.5.x before 1.5.6, update to version 1.5.6 or later.
For Firebird SQL versions 2.0.x before 2.0.4, update to version 2.0.4 or later.
For Firebird SQL versions 2.1.x before 2.1.0 RC1, update to version 2.1.0 RC1 or later.

Related Identifiers

CVE-2008-0387

Affected Products

Firebird Sql