CVE 2012-5529
TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by preparing an empty dynamic SQL query.
Related bugs and status
CVE-2012-5529 (Candidate) is related to these bugs:
Bug #1115902: NULL Pointer Denial of Service Vulnerability
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1115902 | NULL Pointer Denial of Service Vulnerability | firebird2.5 (Ubuntu) | Medium | Fix Released | ||
1115902 | NULL Pointer Denial of Service Vulnerability | firebird2.5 (Ubuntu Quantal) | Medium | Fix Released | ||
1115902 | NULL Pointer Denial of Service Vulnerability | firebird2.5 (Ubuntu Oneiric) | Medium | Fix Released | ||
1115902 | NULL Pointer Denial of Service Vulnerability | firebird2.5 (Ubuntu Precise) | Medium | Fix Released | ||
1115902 | NULL Pointer Denial of Service Vulnerability | firebird2.5 (Ubuntu Raring) | Medium | Fix Released |
Bug #1156942: firebird2.5: CVE-2013-2492: Request Processing Buffer Overflow Vulnerability
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1156942 | firebird2.5: CVE-2013-2492: Request Processing Buffer Overflow Vulnerability | firebird2.5 (Ubuntu) | Undecided | Fix Released | ||
1156942 | firebird2.5: CVE-2013-2492: Request Processing Buffer Overflow Vulnerability | firebird2.5 (Debian) | Unknown | Fix Released | ||
1156942 | firebird2.5: CVE-2013-2492: Request Processing Buffer Overflow Vulnerability | firebird2.5 (Ubuntu Precise) | Undecided | Won't Fix | ||
1156942 | firebird2.5: CVE-2013-2492: Request Processing Buffer Overflow Vulnerability | firebird2.5 (Ubuntu Quantal) | Undecided | Won't Fix | ||
1156942 | firebird2.5: CVE-2013-2492: Request Processing Buffer Overflow Vulnerability | firebird2.5 (Ubuntu Saucy) | Undecided | Fix Released | ||
1156942 | firebird2.5: CVE-2013-2492: Request Processing Buffer Overflow Vulnerability | firebird2.5 (Ubuntu Raring) | Undecided | Won't Fix |
See the
CVE page on Mitre.org
for more details.