Description

Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function.

Remediation

References

CVE-2012-1151

Related Vulnerabilities

WordPress Plugin Zotpress SQL Injection (6.1.2)

PostgreSQL Resource Management Errors Vulnerability (CVE-2007-4772)

WordPress Plugin Uploadify Integration Multiple Cross-Site Scripting Vulnerabilities (0.9.6)

Oracle Application Server Other Vulnerability (CVE-2006-5366)

WordPress 3.9.x Denial of Service Vulnerability (3.9 - 3.9.23)

Severity

Medium

Classification

CVE-2012-1151 CWE-134

Tags

Missing Update Known Vulnerabilities