CVE-2014-9323: Null Pointer Dereference
First published: Tue Dec 16 2014(Updated: )
Last updated 24 July 2024
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/firebird2.1 | ||
| debian/firebird2.5 | ||
| Debian DBD-Firebird | <2.1.7 | |
| Debian DBD-Firebird | >=2.5<=2.5.3 | |
| openSUSE Evergreen | =11.4 | |
| Debian GNU/Linux | =7.0 | |
| Debian GNU/Linux | =8.0 | |
| Ubuntu Linux | =14.04 | |
| FirebirdSQL | <2.1.7 | |
| FirebirdSQL | >=2.5<=2.5.3 | |
| Debian | =7.0 | |
| Debian | =8.0 | |
| Ubuntu | =14.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://tracker.firebirdsql.org/browse/CORE-4630
- http://www.firebirdsql.org/en/news/security-updates-for-v2-1-and-v2-5-series-66011/
- http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00012.html
- http://advisories.mageia.org/MGASA-2014-0523.html
- http://www.mandriva.com/security/advisories?name=MDVSA-2015:172
- http://www.debian.org/security/2014/dsa-3109
- https://usn.ubuntu.com/3929-1/
- https://launchpad.net/bugs/cve/CVE-2014-9323
- http://sourceforge.net/p/firebird/code/60331
- https://security-tracker.debian.org/tracker/CVE-2014-9323
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9323
- https://nvd.nist.gov/vuln/detail/CVE-2014-9323
- https://ubuntu.com/security/CVE-2014-9323
Frequently Asked Questions
What is the severity of CVE-2014-9323?
CVE-2014-9323 has been classified as a denial of service vulnerability due to a NULL pointer dereference.
How do I fix CVE-2014-9323?
To address CVE-2014-9323, you should upgrade to Firebird version 2.1.7 or 2.5.3 SU1 or later.
What versions of Firebird are affected by CVE-2014-9323?
CVE-2014-9323 affects Firebird versions prior to 2.1.7 and 2.5.x versions prior to 2.5.3 SU1.
What kind of attack can exploit CVE-2014-9323?
CVE-2014-9323 can be exploited by remote attackers to cause a segmentation fault and crash the server.
Is there any public exploit available for CVE-2014-9323?
As of now, there are no specific public exploits reported for CVE-2014-9323, but it poses a serious risk for system availability.
- agent/type
- collector/launchpad-cve
- source/Launchpad
- collector/security-tracker-debian
- source/Debian
- agent/software-canonical-lookup
- agent/severity
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/trending
- agent/source
- agent/author
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-cve
- source/NVD
- package-manager/debian
- vendor/firebirdsql
- canonical/debian dbd-firebird
- version/debian dbd-firebird/2.5
- version/debian dbd-firebird/2.5.3
- vendor/opensuse
- canonical/opensuse evergreen
- version/opensuse evergreen/11.4
- vendor/debian
- canonical/debian gnu/linux
- version/debian gnu/linux/7.0
- version/debian gnu/linux/8.0
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/14.04
- canonical/firebirdsql
- version/firebirdsql/2.5
- version/firebirdsql/2.5.3
- canonical/debian
- version/debian/7.0
- version/debian/8.0
- canonical/ubuntu
- version/ubuntu/14.04