News via oss-sec and [pkg-firebird-general] mailing list
A denial of service flaw was found in the way the TraceManager of
Firebird, performed preparation of an empty dynamic SQL query. When the trace mode was
enabled, a remote, authenticated database user could use this flaw
to cause the Firebird server to crash with a NULL pointer dereference.
Relevant upstream patch: 
Leave a Reply
You must be logged in to post a comment.