CVE-2007-3181

Name of the Vulnerable Software and Affected Versions: Firebird SQL versions prior to 2.0.1

Description: The issue is related to a buffer overflow in the fbserver.exe component of Firebird SQL. This occurs when a large p cnct count value is sent in a p cnct structure within a connect request to port 3050/tcp. The problem is also linked to an InterBase version of the gds32.dll file.

Recommendations: For Firebird SQL versions prior to 2.0.1, update to version 2.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the fbserver.exe component or limiting the size of the p cnct count value in connect requests to port 3050/tcp until a patch is applied.