Home page logo
/

oss-sec logo oss-sec mailing list archives

CVE request: buffer overflow in unixODBC's SQLDriverConnect()
From: Felipe Pena <felipensp () gmail com>
Date: Wed, 9 Mar 2011 14:18:10 -0300

Hi,
Please assign CVE id for a possible buffer overflow in unixODBC's
SQLDriverConnect() function by specifying a large value for SAVEFILE
parameter in the connection string.

A fix has been committed in the SVN addressing the issue:
http://unixodbc.svn.sourceforge.net/viewvc/unixodbc/trunk/DriverManager/SQLDriverConnect.c?r1=23&r2=27

Thanks.

-- 
Regards,
Felipe Pena

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault