CVE-2012-1151

EPSS 2.5%

libdbd-pg-perl - format string vulnerabilities

Published: 9/9/2012Modified: 4/28/2026

Description

Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function.

Affected packages (2)

Debian/libdbd-pg-perlfrom 0, < 2.19.0-1
Debian/libdbd-pg-perlfrom 0, < 2.17.1-2+squeeze1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-1151