Unrated severity · NVD Advisory · Published Jul 29, 2009 · Updated Jun 16, 2026
CVE-2009-2620
Description
src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that triggers an infinite loop or NULL pointer dereference.
Affected products
- (no CPE)
- cpe:2.3:a:firebirdsql:firebird:*:*:*:*:*:*:*:* (range: >=1.5, <1.5.6)
- cpe:2.3:a:firebirdsql:firebird:2.5.0:-:*:*:*:*:*:*
- cpe:2.3:a:firebirdsql:firebird:2.5.0:alpha1:*:*:*:*:*:*
- cpe:2.3:a:firebirdsql:firebird:2.5.0:beta1:*:*:*:*:*:*
- (no CPE) range: >=1.5, <1.5.6; >=2.0, <2.0.6; >=2.1, <2.1.3; >=2.5, <2.5 Beta 2
References
- www.coresecurity.com/content/firebird-sql-dos (nvd: Exploit)
- www.exploit-db.com/exploits/9295 (nvd: Exploit)
- www.securityfocus.com/bid/35842 (nvd: Exploit, Patch)
- tracker.firebirdsql.org/browse/CORE-2563 (nvd: Vendor Advisory)
- bugzilla.redhat.com/show_bug.cgi (nvd: Issue Tracking)
- www.redhat.com/archives/fedora-package-announce/2009-August/msg01341.html (nvd: Broken Link)
- www.redhat.com/archives/fedora-package-announce/2009-August/msg01370.html (nvd: Broken Link)