VYPR

Unixodbc

by Unixodbc

CVEs (6)

  • CVE-2018-7409CriFeb 22, 2018
    risk 0.64cvss 9.8epss 0.03

    In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c.

  • CVE-2011-1145HigNov 14, 2019
    risk 0.51cvss 7.8epss 0.00

    The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.

  • CVE-2024-1013HigMar 18, 2024
    risk 0.00cvss 7.8epss 0.00

    An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken.

  • CVE-2018-7485CriFeb 26, 2018
    risk 0.00cvss 9.8epss 0.03

    The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact.

  • CVE-2012-2658Aug 31, 2012
    risk 0.00cvss epss 0.01

    Buffer overflow in the SQLDriverConnect function in unixODBC 2.3.1 allows local users to cause a denial of service (crash) via a long string in the DRIVER option. NOTE: this issue might not be a vulnerability, since the ability to set this option typically implies that the…

  • CVE-2012-2657Aug 31, 2012
    risk 0.00cvss epss 0.00

    Buffer overflow in the SQLDriverConnect function in unixODBC 2.0.10, 2.3.1, and earlier allows local users to cause a denial of service (crash) via a long string in the FILEDSN option. NOTE: this issue might not be a vulnerability, since the ability to set this option typically…