CVE-2012-1151

CVSS V2 Medium 5 CVSS V3 None
Description
Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function.
Overview
  • CVE ID
  • CVE-2012-1151
  • Assigner
  • secalert@redhat.com
  • Vulnerability Status
  • Modified
  • Published Version
  • 2012-09-09T21:55:05
  • Last Modified Date
  • 2017-08-29T01:31:13
Weakness Enumerations
CWE URL
CWE-134 http://cwe.mitre.org/data/definitions/134.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:perl:perl:*:*:*:*:*:*:*:* 1 OR 2.18.1
cpe:2.3:a:perl:perl:0.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.52:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.61:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.62:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.63:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.64:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.65:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.66:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.67:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.68:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.69:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.70:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.71:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.72:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.73:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.80:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.81:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.82:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.83:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.84:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.85:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.86:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.87:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.88:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.89:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.90:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.91:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.92:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.93:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.94:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.95:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.96:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.97:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.98:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:0.99:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.00:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.01:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.20:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.21:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.22:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.31:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.32:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.40:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.41:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.42:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.43:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.44:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.45:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.46:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.47:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.48:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:1.49:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.0.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.1.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.1.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.1.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.1.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.2.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.2.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.2.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.3.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.4.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.5.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.5.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.6.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.6.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.6.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.6.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.6.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.6.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.6.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.7.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.7.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.7.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.8.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.8.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.8.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.8.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.8.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.8.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.8.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.8.7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.8.8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.9.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.9.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.9.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.10.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.10.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.10.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.10.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.10.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.10.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.10.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.10.7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.11.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.11.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.11.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.11.3:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.11.4:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.11.5:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.11.6:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.11.7:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.11.8:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.12.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.13.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.14.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.14.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.15.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.15.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.16.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.16.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.17.0:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.17.1:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.17.2:*:*:*:*:*:*:* 1 OR
cpe:2.3:a:perl:perl:2.18.0:*:*:*:*:*:*:* 1 OR
CVSS Version 2
  • Version
  • 2.0
  • Vector String
  • AV:N/AC:L/Au:N/C:N/I:N/A:P
  • Access Vector
  • NETWORK
  • Access Compatibility
  • LOW
  • Authentication
  • NONE
  • Confidentiality Impact
  • NONE
  • Integrity Impact
  • NONE
  • Availability Impact
  • PARTIAL
  • Base Score
  • 5
  • Severity
  • MEDIUM
  • Exploitability Score
  • 10
  • Impact Score
  • 2.9
References
Reference URL Reference Tags
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661536
https://rt.cpan.org/Public/Bug/Display.html?id=75642
http://secunia.com/advisories/48319 Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=801733
http://www.openwall.com/lists/oss-security/2012/03/10/4
http://secunia.com/advisories/48307 Vendor Advisory
http://www.debian.org/security/2012/dsa-2431
http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.19.1/Changes
http://www.openwall.com/lists/oss-security/2012/03/09/6
http://rhn.redhat.com/errata/RHSA-2012-1116.html
http://secunia.com/advisories/48824
http://security.gentoo.org/glsa/glsa-201204-08.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2012:112
https://exchange.xforce.ibmcloud.com/vulnerabilities/73855
https://exchange.xforce.ibmcloud.com/vulnerabilities/73854
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2012-1151
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1151
History
Created Old Value New Value Data Type Notes
2022-05-10 08:50:34 Added to TrackCVE