CVE-2012-1151

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2012-1151
Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661536
http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.19.1/Changes
http://rhn.redhat.com/errata/RHSA-2012-1116.html
http://secunia.com/advisories/48307 Vendor Advisory
http://secunia.com/advisories/48319 Vendor Advisory
http://secunia.com/advisories/48824
http://security.gentoo.org/glsa/glsa-201204-08.xml
http://www.debian.org/security/2012/dsa-2431
http://www.mandriva.com/security/advisories?name=MDVSA-2012:112
http://www.openwall.com/lists/oss-security/2012/03/09/6
http://www.openwall.com/lists/oss-security/2012/03/10/4
https://bugzilla.redhat.com/show_bug.cgi?id=801733
https://exchange.xforce.ibmcloud.com/vulnerabilities/73854
https://exchange.xforce.ibmcloud.com/vulnerabilities/73855
https://rt.cpan.org/Public/Bug/Display.html?id=75642
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.1:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.2:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.3:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.4:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.5:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.52:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.61:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.62:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.63:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.64:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.65:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.66:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.67:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.68:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.69:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.70:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.71:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.72:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.73:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.80:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.81:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.82:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.83:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.84:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.85:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.86:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.87:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.88:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.89:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.90:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.91:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.92:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.93:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.94:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.95:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.96:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.97:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.98:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:0.99:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.00:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.01:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.20:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.21:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.22:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.31:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.32:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.40:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.41:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.42:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.43:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.44:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.45:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.46:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.47:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.48:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:1.49:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.0.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.1.1:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.1.2:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.1.3:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.2.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.2.1:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.2.2:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.3.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.4.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.5.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.5.1:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.6.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.6.1:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.6.2:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.6.3:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.6.4:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.6.5:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.6.6:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.7.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.7.1:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.7.2:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.8.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.8.1:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.8.2:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.8.3:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.8.4:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.8.5:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.8.6:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.8.7:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.8.8:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.9.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.9.1:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.9.2:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.10.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.10.1:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.10.2:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.10.3:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.10.4:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.10.5:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.10.6:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.10.7:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.11.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.11.1:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.11.2:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.11.3:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.11.4:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.11.5:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.11.6:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.11.7:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.11.8:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.12.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.13.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.14.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.14.1:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.15.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.15.1:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.16.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.16.1:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.17.0:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.17.1:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.17.2:*:*:*:*:*:*:*
cpe:2.3:a:perl:perl:2.18.0:*:*:*:*:*:*:*
History

No history.

Information

Published : 2012-09-09 21:55

Updated : 2017-08-29 01:31

NVD link : CVE-2012-1151

Mitre link : CVE-2012-1151

CVE.ORG link : CVE-2012-1151

JSON object : View

Products Affected

perl

  • perl
CWE
CWE-134

Use of Externally-Controlled Format String