Vulnerability Details : CVE-2007-3181
Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to "an InterBase version of gds32.dll."
Vulnerability category: OverflowExecute code
Products affected by CVE-2007-3181
- cpe:2.3:a:firebirdsql:firebird:*:*:*:*:*:*:*:*
- cpe:2.3:a:bakbone:netvault:6.x:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2007-3181
32.28%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2007-3181
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2007-3181
-
http://www.securityfocus.com/bid/24436
Exploit;Patch
-
http://security.gentoo.org/glsa/glsa-200707-01.xml
-
http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf
-
http://www.debian.org/security/2008/dsa-1529
-
http://www.vupen.com/english/advisories/2007/2149
-
http://dvlabs.tippingpoint.com/advisory/TPTI-07-11
Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/34833
Jump to