Description
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when deserializing a slice packet, the xdr_datum() function does not validate that a cstring length conforms to the slice descriptor bounds, allowing a cstring longer than the allocated buffer to overflow it. An unauthenticated attacker can exploit this by sending a crafted packet to the server, potentially causing a crash or other security impact. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14.
Published: 2026-04-17
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service via buffer overflow
Action: Immediate Patch
AI Analysis

Impact

Firebird contains a buffer overflow in the xdr_datum() function when deserializing slice packets. The function does not check that a cstring length stays within the bounds given by the slice descriptor, so a crafted packet can overflow the allocated buffer. This is a classic buffer overflow (CWE-120, buffer copy without checking the size of the input) and can lead to application crashes or denial of service by an unauthenticated attacker.
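
The kind of check described above, as an added example that is not Firebird's code: a decoder for a simplified length-prefixed string (an assumed layout of a 4-byte big-endian length followed by the bytes) that rejects a length larger than the destination capacity before copying anything. The function name, return codes and sample packets are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical return codes for this example. */
enum { DEC_OK = 0, DEC_TRUNCATED = -1, DEC_TOO_LONG = -2 };

/* Decode one string laid out as a 4-byte big-endian length followed by the
 * bytes (assumed, simplified layout). dst_cap is the capacity the receiver
 * derived from its own descriptor; the packet's length field is untrusted. */
int decode_cstring(const uint8_t *in, size_t in_len,
                   uint8_t *dst, size_t dst_cap, size_t *out_len)
{
    if (in_len < 4)
        return DEC_TRUNCATED;
    uint32_t n = ((uint32_t)in[0] << 24) | ((uint32_t)in[1] << 16) |
                 ((uint32_t)in[2] << 8) | (uint32_t)in[3];
    if (n > dst_cap)        /* longer than the allocated buffer: reject */
        return DEC_TOO_LONG;
    if (n > in_len - 4)     /* claims more bytes than the packet holds */
        return DEC_TRUNCATED;
    memcpy(dst, in + 4, n);
    *out_len = n;
    return DEC_OK;
}

/* Constructed sample packets, not captured traffic. */
static const uint8_t PKT_OK[]   = {0, 0, 0, 3, 'a', 'b', 'c'};
static const uint8_t PKT_LONG[] = {0, 0, 0, 9, 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h', 'i'};
static const uint8_t PKT_CUT[]  = {0, 0, 0, 4, 'a', 'b'};

/* Decode into a 4-byte buffer, standing in for the descriptor-sized one. */
int check_sample(const uint8_t *pkt, size_t len)
{
    uint8_t buf[4];
    size_t n = 0;
    return decode_cstring(pkt, len, buf, sizeof buf, &n);
}

int main(void)
{
    printf("ok=%d long=%d cut=%d\n",
           check_sample(PKT_OK, sizeof PKT_OK),
           check_sample(PKT_LONG, sizeof PKT_LONG),
           check_sample(PKT_CUT, sizeof PKT_CUT));
    return 0;
}
```

Both checks run before the copy, and the capacity comes from the receiver's side rather than from any field in the packet.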

Affected Systems

Firebird (vendor FirebirdSQL) is affected in all releases before 5.0.4, 4.0.7 and 3.0.14. Users running these versions should verify their installed version and plan an upgrade.

Risk and Exploitability

The CVSS score of 7.5 reflects a high severity impact. EPSS indicates a low likelihood of exploitation (less than 1%), and this vulnerability is not listed in the CISA KEV catalog. Because no authentication is required and the trigger is a network packet, the attack vector is remote. The vulnerability can cause crashes or other security impact, making it a high priority for remediation.

Generated by OpenCVE AI on April 18, 2026 at 19:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the database server to Firebird 5.0.4, 4.0.7, 3.0.14 or later to apply the patch for the buffer overflow.
  • Restrict external network access to the Firebird server or place it behind a firewall to limit exposure to unauthenticated attackers.
  • Implement network segmentation and monitor for anomalous slice packet traffic to detect attempts to exploit the vulnerability.

Advisories

No advisories yet.

History

Fri, 17 Apr 2026 20:45:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Firebirdsql; Firebirdsql firebird
Vendors & Products | | Firebirdsql; Firebirdsql firebird

Fri, 17 Apr 2026 20:15:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 17 Apr 2026 19:00:00 +0000

Type | Values Removed | Values Added
Description | | Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when deserializing a slice packet, the xdr_datum() function does not validate that a cstring length conforms to the slice descriptor bounds, allowing a cstring longer than the allocated buffer to overflow it. An unauthenticated attacker can exploit this by sending a crafted packet to the server, potentially causing a crash or other security impact. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14.
Title | | Firebird has a buffer overflow when parsing corrupted slice packets
Weaknesses | | CWE-120; CWE-502
References | |
Metrics | | cvssV3_1 {'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-04-17T19:21:17.132Z

Reserved: 2026-03-18T22:15:11.812Z

Link: CVE-2026-33337

Vulnrichment

Updated: 2026-04-17T19:21:13.730Z

NVD

Status: Awaiting Analysis

Published: 2026-04-17T19:16:36.223

Modified: 2026-04-20T19:03:07.607

Link: CVE-2026-33337

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-18T19:30:08Z

Weaknesses