Launchpad CVE tracker

CVE 2012-5529

TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by preparing an empty dynamic SQL query.

Related bugs and status

CVE-2012-5529 (Candidate) is related to these bugs:

Bug #1115902: NULL Pointer Denial of Service Vulnerability

		In	Importance	Status
1115902	NULL Pointer Denial of Service Vulnerability	firebird2.5 (Ubuntu)	Medium	Fix Released
1115902	NULL Pointer Denial of Service Vulnerability	firebird2.5 (Ubuntu Quantal)	Medium	Fix Released
1115902	NULL Pointer Denial of Service Vulnerability	firebird2.5 (Ubuntu Oneiric)	Medium	Fix Released
1115902	NULL Pointer Denial of Service Vulnerability	firebird2.5 (Ubuntu Precise)	Medium	Fix Released
1115902	NULL Pointer Denial of Service Vulnerability	firebird2.5 (Ubuntu Raring)	Medium	Fix Released

Bug #1156942: firebird2.5: CVE-2013-2492: Request Processing Buffer Overflow Vulnerability

		In	Importance	Status
1156942	firebird2.5: CVE-2013-2492: Request Processing Buffer Overflow Vulnerability	firebird2.5 (Ubuntu)	Undecided	Fix Released
1156942	firebird2.5: CVE-2013-2492: Request Processing Buffer Overflow Vulnerability	firebird2.5 (Debian)	Unknown	Fix Released
1156942	firebird2.5: CVE-2013-2492: Request Processing Buffer Overflow Vulnerability	firebird2.5 (Ubuntu Precise)	Undecided	Won't Fix
1156942	firebird2.5: CVE-2013-2492: Request Processing Buffer Overflow Vulnerability	firebird2.5 (Ubuntu Quantal)	Undecided	Won't Fix
1156942	firebird2.5: CVE-2013-2492: Request Processing Buffer Overflow Vulnerability	firebird2.5 (Ubuntu Saucy)	Undecided	Fix Released
1156942	firebird2.5: CVE-2013-2492: Request Processing Buffer Overflow Vulnerability	firebird2.5 (Ubuntu Raring)	Undecided	Won't Fix

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2012-5529

References