CVE-2012-2657

Published: 31/08/2012 Updated: 17/05/2024
CVSS v2 Base Score: 2.1 | Impact Score: 2.9 | Exploitability Score: 3.9
VMScore: 187
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

Buffer overflow in the SQLDriverConnect function in unixODBC 2.0.10, 2.3.1, and previous versions allows local users to cause a denial of service (crash) via a long string in the FILEDSN option. NOTE: this issue might not be a vulnerability, since the ability to set this option typically implies that the attacker already has legitimate access to cause a DoS or execute code, and therefore the issue would not cross privilege boundaries. There may be limited attack scenarios if isql command-line options are exposed to an attacker, although it seems likely that other, more serious issues would also be exposed, and this issue might not cross privilege boundaries in that context.

Vulnerable Product

unixodbc unixodbc

unixodbc unixodbc 2.3.0

unixodbc unixodbc 2.0.10

Vendor Advisories

Debian Bug report logs - #891596 CVE-2018-7409 Package: src:unixodbc; Maintainer for src:unixodbc is Steve Langasek <vorlon@debian.org>; Reported by: "Santiago RR" <santiagorr@riseup.net> Date: Mon, 26 Feb 2018 21:42:01 UTC Severity: grave Tags: patch, security Found in version unixodbc/234-11 Fixed in version ...

Debian Bug report logs - #675058 unixodbc: Multiple buffer overflow in unixODBC Package: unixodbc; Maintainer for unixodbc is Steve Langasek <vorlon@debian.org>; Source for unixodbc is src:unixodbc Reported by: Henri Salo <henri@nerv.fi> Date: Tue, 29 May 2012 15:42:01 UTC Severity: normal Tags ...