CVE-2012-1151

描述

Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function.

受影響套件(2)

• Debian/libdbd-pg-perlfrom 0, < 2.19.0-1
• Debian/libdbd-pg-perlfrom 0, < 2.17.1-2+squeeze1

參考連結(1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-1151