← Volver a CVEs
CVE-2025-65104
HIGH7.9
Descripcion
Firebird is an open-source relational database management system. In versions FB3 of the client library placed incorrect data length values into XSQLDA fields when communicating with FB4 or higher servers, resulting in an information leak. This issue is fixed by upgrading to the FB4 client or higher.
Detalles CVE
Puntuacion CVSS v3.17.9
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado4/17/2026
Ultima modificacion4/17/2026
Fuentenvd
Avistamientos honeypot0
Debilidades (CWE)
CWE-200
Referencias
https://github.com/FirebirdSQL/firebird/releases/tag/v4.0.0(security-advisories@github.com)
https://github.com/FirebirdSQL/firebird/security/advisories/GHSA-mfpr-9886-xjhg(security-advisories@github.com)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.