Description

Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function.

Remediation

References

CVE-2012-1151

Related Vulnerabilities

Django Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2015-2317)

Moodle Improper Authentication Vulnerability (CVE-2018-1082)

WordPress Plugin Baggage Freight Shipping Australia Arbitrary File Upload (0.1.0)

WordPress Plugin MainWP Child-Securely connects sites to the MainWP WordPress Manager Dashboard Security Bypass (3.4.4)

OpenSSL Other Vulnerability (CVE-2003-0147)

Severity

Medium

Classification

CVE-2012-1151 CWE-134

Tags

Missing Update Known Vulnerabilities