CVE-2007-3527
Title: Firebirdsql Firebird Memory Corruption
Memory Corruption
Proof Of Concept
No public PoC currently indexed for CVE-2007-3527.
CWE Category
NVD-CWE-noinfo
Published Date
Jul 03, 2007
Modified Date
Apr 09, 2025
Exploit Status
Not Found
Score
6.8
CVSS v2.0
Exploit Probability (EPSS)
1.32%
Vulnerability Summary
CVE-2007-3527: Integer overflow in Firebird 2.0.0 allows remote authenticated users to cause a denial of service (CPU consumption) via certain database operations with multi-byte character sets that trigger an attempt to use the value 65536 for a 16-bit integer, which is treated as 0 and causes an infinite loop on zero-length data.
Impacted Vendors
Reference Links
http://osvdb.org/43782
http://secunia.com/advisories/29501
http://tracker.firebirdsql.org/browse/CORE-1063
http://www.debian.org/security/2008/dsa-1529
http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf
http://www.securityfocus.com/bid/28473
http://osvdb.org/43782
http://secunia.com/advisories/29501
http://tracker.firebirdsql.org/browse/CORE-1063
http://www.debian.org/security/2008/dsa-1529
http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf
http://www.securityfocus.com/bid/28473
CVSS v2.0
Source Entity
[email protected]
Severity
MEDIUM
6.8
Access Vector
N/A
Authentication
N/A
RAW VECTOR
AV:N/AC:L/Au:S/C:N/I:N/A:C
Associated Attack Patterns (CAPEC)
Total: PatternsNo specific attack patterns mapped.
Likelihood
Severity
Page /
CVE-2007-3527 Exploits & PoCs (Proof Of Concept)
No public PoCs found in our database for this CVE.
MODIFIED
Vulnerability data or affected products updated.
PUBLISHED
Vulnerability first announced in NVD.
Attack Vector Matrix
Access Vector
N/A
Complexity
N/A
Privileges
N/A
Interaction
NONE
CVSS Vector String
AV:N/AC:L/Au:S/C:N/I:N/A:C
Affected Stack
No specific products linked.