CVE-2012-1151

Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:N/I:N/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
VendorProductVersion
perlperl
𝑥
≤ 2.18.1
perlperl
0.1
perlperl
0.2
perlperl
0.3
perlperl
0.4
perlperl
0.5
perlperl
0.52
perlperl
0.61
perlperl
0.62
perlperl
0.63
perlperl
0.64
perlperl
0.65
perlperl
0.66
perlperl
0.67
perlperl
0.68
perlperl
0.69
perlperl
0.70
perlperl
0.71
perlperl
0.72
perlperl
0.73
perlperl
0.80
perlperl
0.81
perlperl
0.82
perlperl
0.83
perlperl
0.84
perlperl
0.85
perlperl
0.86
perlperl
0.87
perlperl
0.88
perlperl
0.89
perlperl
0.90
perlperl
0.91
perlperl
0.92
perlperl
0.93
perlperl
0.94
perlperl
0.95
perlperl
0.96
perlperl
0.97
perlperl
0.98
perlperl
0.99
perlperl
1.00
perlperl
1.01
perlperl
1.20
perlperl
1.21
perlperl
1.22
perlperl
1.31
perlperl
1.32
perlperl
1.40
perlperl
1.41
perlperl
1.42
perlperl
1.43
perlperl
1.44
perlperl
1.45
perlperl
1.46
perlperl
1.47
perlperl
1.48
perlperl
1.49
perlperl
2.0.0
perlperl
2.1.0
perlperl
2.1.1
perlperl
2.1.2
perlperl
2.1.3
perlperl
2.2.0
perlperl
2.2.1
perlperl
2.2.2
perlperl
2.3.0
perlperl
2.4.0
perlperl
2.5.0
perlperl
2.5.1
perlperl
2.6.0
perlperl
2.6.1
perlperl
2.6.2
perlperl
2.6.3
perlperl
2.6.4
perlperl
2.6.5
perlperl
2.6.6
perlperl
2.7.0
perlperl
2.7.1
perlperl
2.7.2
perlperl
2.8.0
perlperl
2.8.1
perlperl
2.8.2
perlperl
2.8.3
perlperl
2.8.4
perlperl
2.8.5
perlperl
2.8.6
perlperl
2.8.7
perlperl
2.8.8
perlperl
2.9.0
perlperl
2.9.1
perlperl
2.9.2
perlperl
2.10.0
perlperl
2.10.1
perlperl
2.10.2
perlperl
2.10.3
perlperl
2.10.4
perlperl
2.10.5
perlperl
2.10.6
perlperl
2.10.7
perlperl
2.11.0
perlperl
2.11.1
perlperl
2.11.2
perlperl
2.11.3
perlperl
2.11.4
perlperl
2.11.5
perlperl
2.11.6
perlperl
2.11.7
perlperl
2.11.8
perlperl
2.12.0
perlperl
2.13.0
perlperl
2.14.0
perlperl
2.14.1
perlperl
2.15.0
perlperl
2.15.1
perlperl
2.16.0
perlperl
2.16.1
perlperl
2.17.0
perlperl
2.17.1
perlperl
2.17.2
perlperl
2.18.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
libdbd-pg-perl
bullseye
3.14.2-1
fixed
bookworm
3.16.0-2
fixed
sid
3.18.0-1
fixed
trixie
3.18.0-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
libdbd-pg-perl
saucy
Fixed 2.19.0-1
released
raring
Fixed 2.19.0-1
released
quantal
Fixed 2.19.0-1
released
precise
Fixed 2.19.0-1
released
oneiric
ignored
natty
ignored
maverick
Fixed 2.17.1-2+squeeze1build0.10.10.1
released
lucid
ignored
hardy
ignored
Common Weakness Enumeration
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661536
http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.19.1/Changes
http://rhn.redhat.com/errata/RHSA-2012-1116.html
http://secunia.com/advisories/48307
http://secunia.com/advisories/48319
http://secunia.com/advisories/48824
http://security.gentoo.org/glsa/glsa-201204-08.xml
http://www.debian.org/security/2012/dsa-2431
http://www.mandriva.com/security/advisories?name=MDVSA-2012:112
http://www.openwall.com/lists/oss-security/2012/03/09/6
http://www.openwall.com/lists/oss-security/2012/03/10/4
https://bugzilla.redhat.com/show_bug.cgi?id=801733
https://exchange.xforce.ibmcloud.com/vulnerabilities/73854
https://exchange.xforce.ibmcloud.com/vulnerabilities/73855
https://rt.cpan.org/Public/Bug/Display.html?id=75642
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661536
http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.19.1/Changes
http://rhn.redhat.com/errata/RHSA-2012-1116.html
http://secunia.com/advisories/48307
http://secunia.com/advisories/48319
http://secunia.com/advisories/48824
http://security.gentoo.org/glsa/glsa-201204-08.xml
http://www.debian.org/security/2012/dsa-2431
http://www.mandriva.com/security/advisories?name=MDVSA-2012:112
http://www.openwall.com/lists/oss-security/2012/03/09/6
http://www.openwall.com/lists/oss-security/2012/03/10/4
https://bugzilla.redhat.com/show_bug.cgi?id=801733
https://exchange.xforce.ibmcloud.com/vulnerabilities/73854
https://exchange.xforce.ibmcloud.com/vulnerabilities/73855
https://rt.cpan.org/Public/Bug/Display.html?id=75642