Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Server crash when using specific form of SET BIND statement
Vulnerability Description
Firebird is a relational database. Versions 4.0.0 through 4.0.3 and version 5.0 beta1 are vulnerable to a server crash when a user uses a specific form of SET BIND statement. Any non-privileged user with minimum access to a server may type a statement with a long `CHAR` length, which causes the server to crash due to stack corruption. Versions 4.0.4.2981 and 5.0.0.117 contain fixes for this issue. No known workarounds are available.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
Firebird 安全漏洞
Vulnerability Description
Firebird是Firebird基金会的一套开源跨平台的提供多个ANSI SQL-92功能的关系型数据库管理系统。 Firebird 4.0.0 到 4.0.3、5.0 beta1版本存在安全漏洞,该漏洞源于使用特定形式的 SET BIND 语句时服务器崩溃。
CVSS Information
N/A
Vulnerability Type
N/A