CVE-2024-1013
- EPSS 0.06%
- Veröffentlicht 18.03.2024 11:15:09
- Zuletzt bearbeitet 26.03.2025 05:15:39
An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken.
CVE-2011-1145
- EPSS 0.22%
- Veröffentlicht 14.11.2019 02:15:10
- Zuletzt bearbeitet 21.11.2024 01:25:39
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
CVE-2018-7485
- EPSS 0.22%
- Veröffentlicht 26.02.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 04:12:13
The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact.
CVE-2018-7409
- EPSS 0.24%
- Veröffentlicht 22.02.2018 18:29:00
- Zuletzt bearbeitet 21.11.2024 04:12:05
In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c.
CVE-2012-2658
- EPSS 0.05%
- Veröffentlicht 31.08.2012 18:55:01
- Zuletzt bearbeitet 11.04.2025 00:51:21
Buffer overflow in the SQLDriverConnect function in unixODBC 2.3.1 allows local users to cause a denial of service (crash) via a long string in the DRIVER option. NOTE: this issue might not be a vulnerability, since the ability to set this option typ...
CVE-2012-2657
- EPSS 0.12%
- Veröffentlicht 31.08.2012 18:55:00
- Zuletzt bearbeitet 11.04.2025 00:51:21
Buffer overflow in the SQLDriverConnect function in unixODBC 2.0.10, 2.3.1, and earlier allows local users to cause a denial of service (crash) via a long string in the FILEDSN option. NOTE: this issue might not be a vulnerability, since the ability ...