Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption.
secunia.com/advisories/29203
secunia.com/advisories/29501
security.gentoo.org/glsa/glsa-200803-02.xml
securityreason.com/securityalert/3580
sourceforge.net/project/shownotes.php?group_id=9028&release_id=570800
tracker.firebirdsql.org/browse/CORE-1681
www.coresecurity.com/?action=item&id=2095
www.debian.org/security/2008/dsa-1529
www.securityfocus.com/archive/1/487173/100/0/threaded
www.securityfocus.com/bid/27403
exchange.xforce.ibmcloud.com/vulnerabilities/39996