CVE-2013-2492

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-2492 at MITRE

Description

Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.

NVD CVSS v2 Base Score: 6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)

SUSE information

SUSE Bugzilla entry: 808268

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 12.3
  • firebird >= 2.5.2.26539-2.5.1
  • firebird-32bit >= 2.5.2.26539-2.5.1
  • firebird-classic >= 2.5.2.26539-2.5.1
  • firebird-classic-debuginfo >= 2.5.2.26539-2.5.1
  • firebird-classic-debugsource >= 2.5.2.26539-2.5.1
  • firebird-debuginfo >= 2.5.2.26539-2.5.1
  • firebird-debuginfo-32bit >= 2.5.2.26539-2.5.1
  • firebird-debugsource >= 2.5.2.26539-2.5.1
  • firebird-devel >= 2.5.2.26539-2.5.1
  • firebird-doc >= 2.5.2.26539-2.5.1
  • firebird-superserver >= 2.5.2.26539-2.5.1
  • firebird-superserver-debuginfo >= 2.5.2.26539-2.5.1
  • libfbclient2 >= 2.5.2.26539-2.5.1
  • libfbclient2-32bit >= 2.5.2.26539-2.5.1
  • libfbclient2-debuginfo >= 2.5.2.26539-2.5.1
  • libfbclient2-debuginfo-32bit >= 2.5.2.26539-2.5.1
  • libfbclient2-devel >= 2.5.2.26539-2.5.1
  • libfbembed-devel >= 2.5.2.26539-2.5.1
  • libfbembed2_5 >= 2.5.2.26539-2.5.1
  • libfbembed2_5-debuginfo >= 2.5.2.26539-2.5.1
Patchnames:
openSUSE-2013-222
openSUSE Evergreen 11.4
  • firebird >= 2.1.3.18185.0-16.1
  • firebird-classic >= 2.1.3.18185.0-16.1
  • firebird-classic-debuginfo >= 2.1.3.18185.0-16.1
  • firebird-debuginfo >= 2.1.3.18185.0-16.1
  • firebird-debugsource >= 2.1.3.18185.0-16.1
  • firebird-devel >= 2.1.3.18185.0-16.1
  • firebird-devel-debuginfo >= 2.1.3.18185.0-16.1
  • firebird-doc >= 2.1.3.18185.0-16.1
  • firebird-filesystem >= 2.1.3.18185.0-16.1
  • firebird-superserver >= 2.1.3.18185.0-16.1
  • firebird-superserver-debuginfo >= 2.1.3.18185.0-16.1
  • libfbclient2 >= 2.1.3.18185.0-16.1
  • libfbclient2-debuginfo >= 2.1.3.18185.0-16.1
  • libfbembed2 >= 2.1.3.18185.0-16.1
  • libfbembed2-debuginfo >= 2.1.3.18185.0-16.1
Patchnames:
2013-43