Vulnerabilities > Unixodbc

DATE CVE VULNERABILITY TITLE RISK
2019-11-14 CVE-2011-1145 Classic Buffer Overflow vulnerability in multiple products
The SQLDriverConnect() function in unixODBC before 2.2.14p2 have a possible buffer overflow condition when specifying a large value for SAVEFILE parameter in the connection string.
local
low complexity
unixodbc debian opensuse redhat CWE-120
7.8
2018-02-26 CVE-2018-7485 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Unixodbc 2.3.5
The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact.
network
low complexity
unixodbc CWE-119
critical
9.8
2018-02-22 CVE-2018-7409 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Unixodbc
In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c.
network
low complexity
unixodbc CWE-119
critical
9.8