Some vulnerabilities have been reported in Firebird, which can be exploited by malicious people to compromise a vulnerable system.

1) Boundary errors in the "isc_attach_database()" and "isc_create_database()" functions can be exploited to cause stack-based buffer overflows via specially crafted parameters passed to the affected functions.

Successful exploitation allows execution of arbitrary code.

The vulnerabilities are reported in Firebird version WI-V2.0.1.12855, WI-V2.0.0.12748, LI-V2.0.1.12855, and LI-V2.0.0.12748. Other versions may also be affected.

This is related to:
SA27058

2) A boundary error in the "process_function()" in fbserver.exe can be exploited to cause a stack-based buffer overflow by sending a specially crafted packet to port 3050/TCP.

Successful exploitation allows execution of arbitrary code.

This vulnerability is reported in version 2.0.2. Other version may also be affected.

Solution
Update to version 2.0.3.12981.

Provided and/or discovered by
1) Adriano Lima and Ramon de Carvalho Valle, RISE Security.
2) An anonymous person, reported via ZDI.

Changelog
Further details available in Customer Area

Original Advisory
RISE Security:
http://risesecurity.org/advisory/RISE-2007003/

ZDI:
http://www.zerodayinitiative.com/advisories/ZDI-07-057.html

Other references
Further details available in Customer Area

Deep Links
Links available in Customer Area