CVE-2012-1151 : Detail

CVE-2012-1151

3.35%V3
Network
2012-09-09
19h00 +00:00
2017-08-28
10h57 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function.

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE-134 Use of Externally-Controlled Format String
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

Metrics

Metrics Score Severity CVSS Vector Source
V2 5 AV:N/AC:L/Au:N/C:N/I:N/A:P [email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

Products Mentioned

Configuraton 0

Perl>>Perl >> Version To (including) 2.18.1

Perl>>Perl >> Version 0.1

Perl>>Perl >> Version 0.2

Perl>>Perl >> Version 0.3

Perl>>Perl >> Version 0.4

Perl>>Perl >> Version 0.5

Perl>>Perl >> Version 0.52

Perl>>Perl >> Version 0.61

Perl>>Perl >> Version 0.62

Perl>>Perl >> Version 0.63

Perl>>Perl >> Version 0.64

Perl>>Perl >> Version 0.65

Perl>>Perl >> Version 0.66

Perl>>Perl >> Version 0.67

Perl>>Perl >> Version 0.68

Perl>>Perl >> Version 0.69

Perl>>Perl >> Version 0.70

Perl>>Perl >> Version 0.71

Perl>>Perl >> Version 0.72

Perl>>Perl >> Version 0.73

Perl>>Perl >> Version 0.80

Perl>>Perl >> Version 0.81

Perl>>Perl >> Version 0.82

Perl>>Perl >> Version 0.83

Perl>>Perl >> Version 0.84

Perl>>Perl >> Version 0.85

Perl>>Perl >> Version 0.86

Perl>>Perl >> Version 0.87

Perl>>Perl >> Version 0.88

Perl>>Perl >> Version 0.89

Perl>>Perl >> Version 0.90

Perl>>Perl >> Version 0.91

Perl>>Perl >> Version 0.92

Perl>>Perl >> Version 0.93

Perl>>Perl >> Version 0.94

Perl>>Perl >> Version 0.95

Perl>>Perl >> Version 0.96

Perl>>Perl >> Version 0.97

Perl>>Perl >> Version 0.98

Perl>>Perl >> Version 0.99

Perl>>Perl >> Version 1.00

Perl>>Perl >> Version 1.01

Perl>>Perl >> Version 1.20

Perl>>Perl >> Version 1.21

Perl>>Perl >> Version 1.22

Perl>>Perl >> Version 1.31

Perl>>Perl >> Version 1.32

Perl>>Perl >> Version 1.40

Perl>>Perl >> Version 1.41

Perl>>Perl >> Version 1.42

Perl>>Perl >> Version 1.43

Perl>>Perl >> Version 1.44

Perl>>Perl >> Version 1.45

Perl>>Perl >> Version 1.46

Perl>>Perl >> Version 1.47

Perl>>Perl >> Version 1.48

Perl>>Perl >> Version 1.49

Perl>>Perl >> Version 2.0.0

Perl>>Perl >> Version 2.1.0

Perl>>Perl >> Version 2.1.1

Perl>>Perl >> Version 2.1.2

Perl>>Perl >> Version 2.1.3

Perl>>Perl >> Version 2.2.0

Perl>>Perl >> Version 2.2.1

Perl>>Perl >> Version 2.2.2

Perl>>Perl >> Version 2.3.0

Perl>>Perl >> Version 2.4.0

Perl>>Perl >> Version 2.5.0

Perl>>Perl >> Version 2.5.1

Perl>>Perl >> Version 2.6.0

Perl>>Perl >> Version 2.6.1

Perl>>Perl >> Version 2.6.2

Perl>>Perl >> Version 2.6.3

Perl>>Perl >> Version 2.6.4

Perl>>Perl >> Version 2.6.5

Perl>>Perl >> Version 2.6.6

Perl>>Perl >> Version 2.7.0

Perl>>Perl >> Version 2.7.1

Perl>>Perl >> Version 2.7.2

Perl>>Perl >> Version 2.8.0

Perl>>Perl >> Version 2.8.1

Perl>>Perl >> Version 2.8.2

Perl>>Perl >> Version 2.8.3

Perl>>Perl >> Version 2.8.4

Perl>>Perl >> Version 2.8.5

Perl>>Perl >> Version 2.8.6

Perl>>Perl >> Version 2.8.7

Perl>>Perl >> Version 2.8.8

Perl>>Perl >> Version 2.9.0

Perl>>Perl >> Version 2.9.1

Perl>>Perl >> Version 2.9.2

Perl>>Perl >> Version 2.10.0

Perl>>Perl >> Version 2.10.1

Perl>>Perl >> Version 2.10.2

Perl>>Perl >> Version 2.10.3

Perl>>Perl >> Version 2.10.4

Perl>>Perl >> Version 2.10.5

Perl>>Perl >> Version 2.10.6

Perl>>Perl >> Version 2.10.7

Perl>>Perl >> Version 2.11.0

Perl>>Perl >> Version 2.11.1

Perl>>Perl >> Version 2.11.2

Perl>>Perl >> Version 2.11.3

Perl>>Perl >> Version 2.11.4

Perl>>Perl >> Version 2.11.5

Perl>>Perl >> Version 2.11.6

Perl>>Perl >> Version 2.11.7

Perl>>Perl >> Version 2.11.8

Perl>>Perl >> Version 2.12.0

Perl>>Perl >> Version 2.13.0

Perl>>Perl >> Version 2.14.0

Perl>>Perl >> Version 2.14.1

Perl>>Perl >> Version 2.15.0

Perl>>Perl >> Version 2.15.1

Perl>>Perl >> Version 2.16.0

Perl>>Perl >> Version 2.16.1

Perl>>Perl >> Version 2.17.0

Perl>>Perl >> Version 2.17.1

Perl>>Perl >> Version 2.17.2

Perl>>Perl >> Version 2.18.0

References

http://www.openwall.com/lists/oss-security/2012/03/10/4
Tags : mailing-list, x_refsource_MLIST
http://www.mandriva.com/security/advisories?name=MDVSA-2012:112
Tags : vendor-advisory, x_refsource_MANDRIVA
http://secunia.com/advisories/48307
Tags : third-party-advisory, x_refsource_SECUNIA
http://rhn.redhat.com/errata/RHSA-2012-1116.html
Tags : vendor-advisory, x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2012/03/09/6
Tags : mailing-list, x_refsource_MLIST
http://secunia.com/advisories/48319
Tags : third-party-advisory, x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-201204-08.xml
Tags : vendor-advisory, x_refsource_GENTOO
http://www.debian.org/security/2012/dsa-2431
Tags : vendor-advisory, x_refsource_DEBIAN
http://secunia.com/advisories/48824
Tags : third-party-advisory, x_refsource_SECUNIA