Published: 05/10/2016 Updated: 13/11/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Buffer overflow in the DBD::mysql module prior to 4.037 for Perl allows context-dependent malicious users to cause a denial of service (crash) via vectors related to an error message.

Vulnerable Product	Search on Vulmon	Subscribe to Product
dbd-mysql_project dbd-mysql
debian debian linux 8.0

DBD::mysql could be made to crash or run programs if it received specially crafted input ...

Pali Rohar discovered that libdbd-mysql-perl, the Perl DBI database driver for MySQL and MariaDB, constructed an error message in a fixed-length buffer, leading to a crash (_FORTIFY_SOURCE failure) and, potentially, to denial of service For the stable distribution (jessie), this problem has been fixed in version 4028-2+deb8u2 We recommend that y ...

Buffer overflow in the DBD::mysql module before 4037 for Perl allows context-dependent attackers to cause a denial of service (crash) via vectors related to an error message ...

CWE-119 http://blogs.perl.org/users/mike_b/2016/10/security-release---buffer-overflow-in-dbdmysql-perl-library.html http://www.debian.org/security/2016/dsa-3684 https://github.com/perl5-dbi/DBD-mysql/commit/7c164a0c86cec6ee95df1d141e67b0e85dfdefd2 http://www.securityfocus.com/bid/93337 https://security.gentoo.org/glsa/201701-51 https://usn.ubuntu.com/3103-1/https://nvd.nist.gov

CVE-2016-1246

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect