rpm package
suse/unixODBC&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3
pkg:rpm/suse/unixODBC&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-7485 | Cri | 9.8 | < 2.3.6-7.9.1 | 2.3.6-7.9.1 | Feb 26, 2018 | The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact. | |
| CVE-2018-7409 | Cri | 9.8 | < 2.3.6-7.9.1 | 2.3.6-7.9.1 | Feb 22, 2018 | In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c. |
- affected < 2.3.6-7.9.1fixed 2.3.6-7.9.1
The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact.
- affected < 2.3.6-7.9.1fixed 2.3.6-7.9.1
In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c.