CVE-2007-4668

Firebird < 2.0.1 - Unauthenticated Arbitrary File Existence Disclosure

Title source: llm
STIX 2.1

Description

Unspecified vulnerability in the server in Firebird before 2.0.2 allows remote attackers to determine the existence of arbitrary files, and possibly obtain other "file access," via unknown vectors, aka CORE-1312.

References (8)

Core 8
Core References
Various Sources x_refsource_misc
http://tracker.firebirdsql.org/browse/CORE-1312
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/25497
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2007/3021
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29501
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2008/dsa-1529

Scores

EPSS 0.0155
EPSS Percentile 72.3%

Details

CWE
CWE-119 CWE-264
Status published
Products (1)
firebirdsql/firebird < 2.0.1
Published Sep 04, 2007
Tracked Since Feb 18, 2026