CVE-2009-2620

{"id": "CVE-2009-2620", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-07-29T17:30:01.280", "references": [{"url": "http://tracker.firebirdsql.org/browse/CORE-2563", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://www.coresecurity.com/content/firebird-sql-dos", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.exploit-db.com/exploits/9295", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/35842", "tags": ["Exploit", "Patch"], "source": "cve@mitre.org"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=514463", "tags": ["Issue Tracking"], "source": "cve@mitre.org"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01341.html", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01370.html", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "http://tracker.firebirdsql.org/browse/CORE-2563", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.coresecurity.com/content/firebird-sql-dos", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.exploit-db.com/exploits/9295", "tags": ["Exploit"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/35842", "tags": ["Exploit", "Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=514463", "tags": ["Issue Tracking"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01341.html", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01370.html", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that triggers an infinite loop or NULL pointer dereference."}, {"lang": "es", "value": "src/remote/server.cpp en fbserver.exe en Firebird SQL v1.5 anterior a v1.5.6, v2.0 anterior a v2.0.6, v2.1 anterior a v2.1.3, y v2.5 anterior a v2.5 Beta 2, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda de demonio) a trav\u00e9s de un mensaje op_connect_request mal formado que provoca un bucle infinito o una deferencia a puntero NULL."}], "lastModified": "2025-10-10T10:26:26.423", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:firebirdsql:firebird:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED5BF0C6-148D-4142-9479-52831305FF8D", "versionEndExcluding": "1.5.6", "versionStartIncluding": "1.5"}, {"criteria": "cpe:2.3:a:firebirdsql:firebird:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "361ADF74-C457-4BCC-BD99-D730CB32D4E6", "versionEndExcluding": "2.0.6", "versionStartIncluding": "2.0.0"}, {"criteria": "cpe:2.3:a:firebirdsql:firebird:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "746090F5-012B-4587-BDD2-C300E6C8817E", "versionEndExcluding": "2.1.3", "versionStartIncluding": "2.1"}, {"criteria": "cpe:2.3:a:firebirdsql:firebird:2.5.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "62D0C042-3838-40CB-A43F-769EC419252B"}, {"criteria": "cpe:2.3:a:firebirdsql:firebird:2.5.0:alpha1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "355DC46D-D76E-4924-9FF1-B1B69B9BA51C"}, {"criteria": "cpe:2.3:a:firebirdsql:firebird:2.5.0:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F069ED28-40B3-4B94-B89F-7E18AF0056C9"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}