CVE-2013-2492
Firebird <2.1.5-2.5.3 - Buffer Overflow
Title source: llmDescription
Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.
Exploits (2)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubylocalwindows
https://www.exploit-db.com/exploits/41709
metasploit
WORKING POC
NORMAL
rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/fb_cnct_group.rb
References (9)
Scores
EPSS
0.8670
EPSS Percentile
99.4%
Details
CWE
CWE-119
Status
published
Products (6)
firebirdsql/firebird
2.1.3
firebirdsql/firebird
2.1.4
firebirdsql/firebird
2.1.5
firebirdsql/firebird
2.5.1
firebirdsql/firebird
2.5.2
firebirdsql/firebird
2.5.3
Published
Mar 15, 2013
Tracked Since
Feb 18, 2026