Description
Multiple stack-based buffer overflows in the ib_fill_isqlda function in dbdimp.c in DBD-Firebird before 1.19 allow remote attackers to have unspecified impact via unknown vectors that trigger an error condition, related to binding octets to columns.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/73409
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2015/dsa-3219
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/03/30/10
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/03/30/4
Various Sources x_refsource_confirm
https://metacpan.org/source/DAM/DBD-Firebird-1.19/Changes
Issue Tracking x_refsource_confirm
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=780925
Scores
EPSS
0.0425
EPSS Percentile
89.9%
Details
CWE
CWE-119
Status
published
Products (2)
debian/dbd-firebird
< 1.18
debian/debian_linux
7.0
Published
Apr 14, 2015
Tracked Since
Feb 18, 2026