Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

unixodbc unixodbc vulnerabilities and exploits

(subscribe to this query)
2.1
CVSSv2
CVE-2012-2657
Buffer overflow in the SQLDriverConnect function in unixODBC 2.0.10, 2.3.1, and previous versions allows local users to cause a denial of service (crash) via a long string in the FILEDSN option. NOTE: this issue might not be a vulnerability, since the ability to set this option t...
Unixodbc UnixodbcUnixodbc Unixodbc 2.3.0Unixodbc Unixodbc 2.0.10
7.5
CVSSv2
CVE-2018-7409
In unixODBC prior to 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c.
Unixodbc Unixodbc
2.1
CVSSv2
CVE-2012-2658
Buffer overflow in the SQLDriverConnect function in unixODBC 2.3.1 allows local users to cause a denial of service (crash) via a long string in the DRIVER option. NOTE: this issue might not be a vulnerability, since the ability to set this option typically implies that the attack...
Unixodbc Unixodbc 2.3.1
7.5
CVSSv2
CVE-2018-7485
The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows malicious users to cause a denial of service or possibly have unspecified other impact.
Unixodbc Unixodbc 2.3.5
7.2
CVSSv2
CVE-2005-4279
Untrusted search path vulnerability in Qt-UnixODBC prior to 3.3.4-r1 on Gentoo Linux allows local users in the portage group to gain privileges via a malicious shared object in the Portage temporary build directory, which is part of the RUNPATH.
Gentoo Qt-unixodbc
4.6
CVSSv2
CVE-2011-1145
The SQLDriverConnect() function in unixODBC prior to 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
Unixodbc UnixodbcDebian Debian Linux 8.0Debian Debian Linux 9.0Debian Debian Linux 10.0Opensuse Opensuse 11.3Opensuse Opensuse 11.4Redhat Enterprise Linux 4.0Redhat Enterprise Linux 5.0Redhat Enterprise Linux 6.0
7.5
CVSSv2
CVE-2018-14671
In ClickHouse prior to 18.10.3, unixODBC allowed loading arbitrary shared objects from the file system which led to a Remote Code Execution vulnerability.
Yandex Clickhouse
NA
CVE-2024-1013
An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651CVE-2024-34255elevation of privilegeCVE-2024-25529CVE-2024-4671NULL pointer dereferenceCVE-2024-25527template injectionCVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook