CVE-2021-21704
Multiple vulnerabilities in Firebird client extension
In PHP versions 7.3.x below 7.3.29, 7.4.x below 7.4.21 and 8.0.x below 8.0.8, when using Firebird PDO driver extension, a malicious database server could cause crashes in various database functions, such as getAttribute(), execute(), fetch() and others by returning invalid response data that is not parsed correctly by the driver. This can result in crashes, denial of service or potentially memory corruption.
We have discovered 922,016 live websites that are affected by CVE-2021-21704.
Affected Software
| Product |  PHP |
| Category | Programming Languages |
| Vulnerable Versions |
|
| Total Vulnerable Versions | 507 |
| Vulnerable Domains | 922,016 live websites (7.62% of PHP install base) |
Distribution by Website Rank
The diagram provides a graphic representation of the correlation between the occurrence of CVE-2021-21704 and the relative popularity of websitesDetails
- Published - Jun 21, 2021
- Updated - Sep 29, 2022
Credits
- reported by trichimtrich at gmail dot com
CWE
CVE References
CWE References
Countries
 United States | 344,487 websites |
 France | 249,328 websites |
 Germany | 28,358 websites |
 Russia | 25,777 websites |
 GB | 21,797 websites |
 Canada | 21,051 websites |
 Poland | 18,158 websites |
 Italy | 17,574 websites |
 Spain | 17,058 websites |
 China | 15,263 websites |
TLDs
| .com | 463,464 websites |
| .fr | 110,652 websites |
| .org | 53,409 websites |
| .net | 28,805 websites |
| .ru | 20,916 websites |
| .de | 17,482 websites |
| .pl | 13,938 websites |
| .be | 13,683 websites |
| .co.uk | 13,201 websites |
| .it | 13,061 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redGeographical Distribution
The distribution of websites across the globe that are exposed to CVE-2021-21704 through included software libraries and plugins.References
- https://bugs.php.net/bug.php?id=76448
- https://bugs.php.net/bug.php?id=76449
- https://bugs.php.net/bug.php?id=76450
- https://bugs.php.net/bug.php?id=76452
- https://security.netapp.com/advisory/ntap-20211029-0006/
- https://security.gentoo.org/glsa/202209-20
Websites affected by CVE-2021-21704
Top websites that are affected by CVE-2021-21704. Please click on the "Contact us" button above to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ***.*****.pl | Poland | *,*** | |
| *******.com | Germany | *,*** | |
| ****.org | GB | *,*** | |
| ***************.org | United States | *,*** | |
| ***.ly | United States | *,*** | |
| **********.org | United States | *,*** | |
| ***.**.gov | United States | *,*** | |
| ******.com | France | *,*** | |
| **********.com | France | *,*** | |
| ********.org | United States | *,*** |