Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2012-2658

Publication date 31 August 2012

Last updated 24 July 2024

Ubuntu priority

Low

Why this priority?

** DISPUTED ** Buffer overflow in the SQLDriverConnect function in unixODBC 2.3.1 allows local users to cause a denial of service (crash) via a long string in the DRIVER option. NOTE: this issue might not be a vulnerability, since the ability to set this option typically implies that the attacker already has legitimate access to cause a DoS or execute code, and therefore the issue would not cross privilege boundaries. There may be limited attack scenarios if isql command-line options are exposed to an attacker, although it seems likely that other, more serious issues would also be exposed, and this issue might not cross privilege boundaries in that context.

Read the notes from the security team

Status

Package Ubuntu Release Status
unixodbc 17.10 artful Ignored
17.04 zesty Ignored
16.10 yakkety Ignored
16.04 LTS xenial Ignored
15.10 wily Ignored
15.04 vivid Ignored
14.10 utopic Ignored
14.04 LTS trusty Ignored
13.10 saucy Ignored
13.04 raring Ignored
12.10 quantal Ignored
12.04 LTS precise Ignored
11.10 oneiric Ignored
11.04 natty Ignored
10.04 LTS lucid Ignored
8.04 LTS hardy Ignored

Notes

tyhicks

This one is likely to be rejected

mdeslaur

marking as ignored