oss-sec mailing list archives
Re: CVE request: buffer overflow in unixODBC's SQLDriverConnect()
From: Josh Bressers <bressers () redhat com>
Date: Thu, 10 Mar 2011 15:02:57 -0500 (EST)
----- Original Message -----
Hi, Please assign CVE id for a possible buffer overflow in unixODBC's SQLDriverConnect() function by specifying a large value for SAVEFILE parameter in the connection string. A fix has been committed in the SVN addressing the issue: http://unixodbc.svn.sourceforge.net/viewvc/unixodbc/trunk/DriverManager/SQLDriverConnect.c?r1=23&r2=27
Please use CVE-2011-1145. Thanks. -- JB
Current thread:
- CVE request: buffer overflow in unixODBC's SQLDriverConnect() Felipe Pena (Mar 09)
- Re: CVE request: buffer overflow in unixODBC's SQLDriverConnect() Josh Bressers (Mar 10)