Unrated severityNVD Advisory· Published Jan 29, 2008· Updated Apr 23, 2026
CVE-2008-0387
CVE-2008-0387
Description
Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption.
Affected products
2cpe:2.3:a:firebirdsql:firebird:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:firebirdsql:firebird:*:*:*:*:*:*:*:*range: <=1.0.3
- cpe:2.3:a:firebirdsql:firebird:2.1.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
11- secunia.com/advisories/29203nvdThird Party Advisory
- secunia.com/advisories/29501nvdThird Party Advisory
- security.gentoo.org/glsa/glsa-200803-02.xmlnvdThird Party Advisory
- securityreason.com/securityalert/3580nvdThird Party Advisory
- sourceforge.net/project/shownotes.phpnvdThird Party Advisory
- tracker.firebirdsql.org/browse/CORE-1681nvdVendor Advisory
- www.coresecurity.comnvdThird Party Advisory
- www.debian.org/security/2008/dsa-1529nvdThird Party Advisory
- www.securityfocus.com/archive/1/487173/100/0/threadednvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/27403nvdThird Party AdvisoryVDB Entry
- exchange.xforce.ibmcloud.com/vulnerabilities/39996nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.