*** This bug is a security vulnerability *** Public security bug reported:
TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by preparing an empty dynamic SQL query. Upstream patch: http://firebird.svn.sourceforge.net/viewvc/firebird?pathrev=54702&revision=54702&view=revision ** Affects: firebird2.5 (Ubuntu) Importance: Undecided Status: New ** Information type changed from Private Security to Public Security ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2012-5529 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs