CVE-2026-33337: CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in FirebirdSQL firebird
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when deserializing a slice packet, the xdr_datum() function does not validate that a cstring length conforms to the slice descriptor bounds, allowing a cstring longer than the allocated buffer to overflow it. An unauthenticated attacker can exploit this by sending a crafted packet to the server, potentially causing a crash or other security impact. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14.
AI Analysis
Technical Summary
FirebirdSQL firebird contains a classic buffer overflow vulnerability (CWE-120) in the xdr_datum() function during deserialization of slice packets. Specifically, the function does not verify that the length of a cstring is within the allocated buffer limits defined by the slice descriptor, allowing an overflow when a longer cstring is processed. This flaw can be exploited remotely by an unauthenticated attacker sending a specially crafted packet to the server, potentially causing denial of service or other impacts. The vulnerability affects versions prior to 3.0.14, 4.0.7, and 5.0.4 and has been addressed in these fixed releases.
Potential Impact
An unauthenticated attacker can exploit this vulnerability remotely by sending a crafted packet to the FirebirdSQL server, causing a buffer overflow. The CVSS score of 7.5 (high severity) indicates that the primary impact is availability (crash or denial of service). There is no confirmed impact on confidentiality or integrity. No known exploits in the wild have been reported at this time.
Mitigation Recommendations
This vulnerability has been fixed in FirebirdSQL versions 3.0.14, 4.0.7, and 5.0.4. Users should upgrade to one of these versions or later to remediate the issue. Patch status is confirmed by the vendor's versioning information. No additional mitigations are specified or required beyond applying the official updates.
CVE-2026-33337: CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in FirebirdSQL firebird
Description
Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, when deserializing a slice packet, the xdr_datum() function does not validate that a cstring length conforms to the slice descriptor bounds, allowing a cstring longer than the allocated buffer to overflow it. An unauthenticated attacker can exploit this by sending a crafted packet to the server, potentially causing a crash or other security impact. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
FirebirdSQL firebird contains a classic buffer overflow vulnerability (CWE-120) in the xdr_datum() function during deserialization of slice packets. Specifically, the function does not verify that the length of a cstring is within the allocated buffer limits defined by the slice descriptor, allowing an overflow when a longer cstring is processed. This flaw can be exploited remotely by an unauthenticated attacker sending a specially crafted packet to the server, potentially causing denial of service or other impacts. The vulnerability affects versions prior to 3.0.14, 4.0.7, and 5.0.4 and has been addressed in these fixed releases.
Potential Impact
An unauthenticated attacker can exploit this vulnerability remotely by sending a crafted packet to the FirebirdSQL server, causing a buffer overflow. The CVSS score of 7.5 (high severity) indicates that the primary impact is availability (crash or denial of service). There is no confirmed impact on confidentiality or integrity. No known exploits in the wild have been reported at this time.
Mitigation Recommendations
This vulnerability has been fixed in FirebirdSQL versions 3.0.14, 4.0.7, and 5.0.4. Users should upgrade to one of these versions or later to remediate the issue. Patch status is confirmed by the vendor's versioning information. No additional mitigations are specified or required beyond applying the official updates.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-03-18T22:15:11.812Z
- Cvss Version
- 3.1
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 69e28194bdfbbecc597b95dc
Added to database: 4/17/2026, 6:53:08 PM
Last enriched: 4/17/2026, 7:08:09 PM
Last updated: 4/17/2026, 8:17:21 PM
Views: 4
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.