rpm package
opensuse/unixODBC&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/unixODBC&distro=openSUSE%20Tumbleweed
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2011-1145 | — | < 2.3.4-3.5 | 2.3.4-3.5 | Nov 14, 2019 | The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string. | ||
| CVE-2018-7485 | Cri | 9.8 | < 2.3.9-3.4 | 2.3.9-3.4 | Feb 26, 2018 | The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact. | |
| CVE-2018-7409 | Cri | 9.8 | < 2.3.9-3.4 | 2.3.9-3.4 | Feb 22, 2018 | In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c. |
- CVE-2011-1145Nov 14, 2019affected < 2.3.4-3.5fixed 2.3.4-3.5
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
- affected < 2.3.9-3.4fixed 2.3.9-3.4
The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact.
- affected < 2.3.9-3.4fixed 2.3.9-3.4
In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c.