CVE-2008-0387

Publication date 29 January 2008

Last updated 17 July 2025

Ubuntu priority

Medium

Why this priority?

Description

Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption.

Status

Package Ubuntu Release Status
firebird2 9.10 karmic Not in release
9.04 jaunty Not in release
8.10 intrepid Not in release
8.04 LTS hardy Not in release
7.10 gutsy Not in release
7.04 feisty Ignored end of life, was needed
6.10 edgy Ignored end of life, was needed
6.06 LTS dapper Ignored end of life
firebird2.0 9.10 karmic
Fixed 2.0.3.12981.ds1-4
9.04 jaunty
Fixed 2.0.3.12981.ds1-4
8.10 intrepid
Fixed 2.0.3.12981.ds1-4
8.04 LTS hardy
Fixed 2.0.3.12981.ds1-4
7.10 gutsy Ignored end of life, was needed
7.04 feisty Not in release
6.10 edgy Not in release
6.06 LTS dapper Not in release

References

Other references

Access our resources on patching vulnerabilities