Description
src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that triggers an infinite loop or NULL pointer dereference.
Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| n/a | n/a | affected |
|
Configuration 1 [-]
|
No data.
No data available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
History
Fri, 10 Oct 2025 10:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| CPEs | cpe:2.3:a:firebirdsql:firebird:1.5.2.4731:*:*:*:*:*:*:* cpe:2.3:a:firebirdsql:firebird:1.5.2:*:*:*:*:*:*:* cpe:2.3:a:firebirdsql:firebird:1.5.3.4870:*:*:*:*:*:*:* cpe:2.3:a:firebirdsql:firebird:1.5.4.4910:*:*:*:*:*:*:* cpe:2.3:a:firebirdsql:firebird:1.5.5:*:*:*:*:*:*:* cpe:2.3:a:firebirdsql:firebird:1.5:*:*:*:*:*:*:* cpe:2.3:a:firebirdsql:firebird:2.0.0.12748:*:*:*:*:*:*:* cpe:2.3:a:firebirdsql:firebird:2.0.0:*:*:*:*:*:*:* cpe:2.3:a:firebirdsql:firebird:2.0.1:*:*:*:*:*:*:* cpe:2.3:a:firebirdsql:firebird:2.0.2:*:*:*:*:*:*:* cpe:2.3:a:firebirdsql:firebird:2.1.2:*:*:*:*:*:*:* cpe:2.3:a:firebirdsql:firebird:2.1.3:rc1:*:*:*:*:*:* cpe:2.3:a:firebirdsql:firebird:2.1:*:*:*:*:*:*:* cpe:2.3:a:firebirdsql:firebird:2.5:*:*:*:*:*:*:* cpe:2.3:a:firebirdsql:firebird:2.5:beta_2:*:*:*:*:*:* |
cpe:2.3:a:firebirdsql:firebird:2.5.0:-:*:*:*:*:*:* cpe:2.3:a:firebirdsql:firebird:2.5.0:alpha1:*:*:*:*:*:* cpe:2.3:a:firebirdsql:firebird:2.5.0:beta1:*:*:*:*:*:* |
Wed, 28 May 2025 14:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
Thu, 22 May 2025 04:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
MITRE
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-08-07T05:59:55.735Z
Reserved: 2009-07-28T00:00:00.000Z
Link: CVE-2009-2620
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2009-07-29T17:30:01.280
Modified: 2025-10-10T10:26:26.423
Link: CVE-2009-2620
Redhat
OpenCVE Enrichment
No data.
Weaknesses