CVE-2012-1151

2012-09-0900:00:00

ubuntu.com

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.029 Low

EPSS

Percentile

90.6%

JSON

Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg
or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL
database servers to cause a denial of service (process crash) via format
string specifiers in (1) a crafted database warning to the pg_warn function
or (2) a crafted DBD statement to the dbd_st_prepare function.

Bugs

<http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661536>

OSVersionArchitecturePackageVersionFilename
ubuntu10.10noarchlibdbd-pg-perl< 2.17.1-2+squeeze1build0.10.10.1UNKNOWN
ubuntu12.04noarchlibdbd-pg-perl< 2.19.0-1UNKNOWN
ubuntu12.10noarchlibdbd-pg-perl< 2.19.0-1UNKNOWN
ubuntu13.04noarchlibdbd-pg-perl< 2.19.0-1UNKNOWN
ubuntu13.10noarchlibdbd-pg-perl< 2.19.0-1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	10.10	noarch	libdbd-pg-perl	< 2.17.1-2+squeeze1build0.10.10.1	UNKNOWN
ubuntu	12.04	noarch	libdbd-pg-perl	< 2.19.0-1	UNKNOWN
ubuntu	12.10	noarch	libdbd-pg-perl	< 2.19.0-1	UNKNOWN
ubuntu	13.04	noarch	libdbd-pg-perl	< 2.19.0-1	UNKNOWN
ubuntu	13.10	noarch	libdbd-pg-perl	< 2.19.0-1	UNKNOWN