Multiple format string vulnerabilities in dbdimp.c in DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.19.0 for Perl allow remote PostgreSQL database servers to cause a denial of service (process crash) via format string specifiers in (1) a crafted database warning to the pg_warn function or (2) a crafted DBD statement to the dbd_st_prepare function.
The product uses a function that accepts a format string as an argument, but the format string originates from an external source.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Perl | Perl | * | 2.18.1 (including) |
| Perl | Perl | 0.1 (including) | 0.1 (including) |
| Perl | Perl | 0.2 (including) | 0.2 (including) |
| Perl | Perl | 0.3 (including) | 0.3 (including) |
| Perl | Perl | 0.4 (including) | 0.4 (including) |
| Perl | Perl | 0.5 (including) | 0.5 (including) |
| Perl | Perl | 0.52 (including) | 0.52 (including) |
| Perl | Perl | 0.61 (including) | 0.61 (including) |
| Perl | Perl | 0.62 (including) | 0.62 (including) |
| Perl | Perl | 0.63 (including) | 0.63 (including) |
| Perl | Perl | 0.64 (including) | 0.64 (including) |
| Perl | Perl | 0.65 (including) | 0.65 (including) |
| Perl | Perl | 0.66 (including) | 0.66 (including) |
| Perl | Perl | 0.67 (including) | 0.67 (including) |
| Perl | Perl | 0.68 (including) | 0.68 (including) |
| Perl | Perl | 0.69 (including) | 0.69 (including) |
| Perl | Perl | 0.70 (including) | 0.70 (including) |
| Perl | Perl | 0.71 (including) | 0.71 (including) |
| Perl | Perl | 0.72 (including) | 0.72 (including) |
| Perl | Perl | 0.73 (including) | 0.73 (including) |
| Perl | Perl | 0.80 (including) | 0.80 (including) |
| Perl | Perl | 0.81 (including) | 0.81 (including) |
| Perl | Perl | 0.82 (including) | 0.82 (including) |
| Perl | Perl | 0.83 (including) | 0.83 (including) |
| Perl | Perl | 0.84 (including) | 0.84 (including) |
| Perl | Perl | 0.85 (including) | 0.85 (including) |
| Perl | Perl | 0.86 (including) | 0.86 (including) |
| Perl | Perl | 0.87 (including) | 0.87 (including) |
| Perl | Perl | 0.88 (including) | 0.88 (including) |
| Perl | Perl | 0.89 (including) | 0.89 (including) |
| Perl | Perl | 0.90 (including) | 0.90 (including) |
| Perl | Perl | 0.91 (including) | 0.91 (including) |
| Perl | Perl | 0.92 (including) | 0.92 (including) |
| Perl | Perl | 0.93 (including) | 0.93 (including) |
| Perl | Perl | 0.94 (including) | 0.94 (including) |
| Perl | Perl | 0.95 (including) | 0.95 (including) |
| Perl | Perl | 0.96 (including) | 0.96 (including) |
| Perl | Perl | 0.97 (including) | 0.97 (including) |
| Perl | Perl | 0.98 (including) | 0.98 (including) |
| Perl | Perl | 0.99 (including) | 0.99 (including) |
| Perl | Perl | 1.00 (including) | 1.00 (including) |
| Perl | Perl | 1.01 (including) | 1.01 (including) |
| Perl | Perl | 1.20 (including) | 1.20 (including) |
| Perl | Perl | 1.21 (including) | 1.21 (including) |
| Perl | Perl | 1.22 (including) | 1.22 (including) |
| Perl | Perl | 1.31 (including) | 1.31 (including) |
| Perl | Perl | 1.32 (including) | 1.32 (including) |
| Perl | Perl | 1.40 (including) | 1.40 (including) |
| Perl | Perl | 1.41 (including) | 1.41 (including) |
| Perl | Perl | 1.42 (including) | 1.42 (including) |
| Perl | Perl | 1.43 (including) | 1.43 (including) |
| Perl | Perl | 1.44 (including) | 1.44 (including) |
| Perl | Perl | 1.45 (including) | 1.45 (including) |
| Perl | Perl | 1.46 (including) | 1.46 (including) |
| Perl | Perl | 1.47 (including) | 1.47 (including) |
| Perl | Perl | 1.48 (including) | 1.48 (including) |
| Perl | Perl | 1.49 (including) | 1.49 (including) |
| Perl | Perl | 2.0.0 (including) | 2.0.0 (including) |
| Perl | Perl | 2.1.0 (including) | 2.1.0 (including) |
| Perl | Perl | 2.1.1 (including) | 2.1.1 (including) |
| Perl | Perl | 2.1.2 (including) | 2.1.2 (including) |
| Perl | Perl | 2.1.3 (including) | 2.1.3 (including) |
| Perl | Perl | 2.2.0 (including) | 2.2.0 (including) |
| Perl | Perl | 2.2.1 (including) | 2.2.1 (including) |
| Perl | Perl | 2.2.2 (including) | 2.2.2 (including) |
| Perl | Perl | 2.3.0 (including) | 2.3.0 (including) |
| Perl | Perl | 2.4.0 (including) | 2.4.0 (including) |
| Perl | Perl | 2.5.0 (including) | 2.5.0 (including) |
| Perl | Perl | 2.5.1 (including) | 2.5.1 (including) |
| Perl | Perl | 2.6.0 (including) | 2.6.0 (including) |
| Perl | Perl | 2.6.1 (including) | 2.6.1 (including) |
| Perl | Perl | 2.6.2 (including) | 2.6.2 (including) |
| Perl | Perl | 2.6.3 (including) | 2.6.3 (including) |
| Perl | Perl | 2.6.4 (including) | 2.6.4 (including) |
| Perl | Perl | 2.6.5 (including) | 2.6.5 (including) |
| Perl | Perl | 2.6.6 (including) | 2.6.6 (including) |
| Perl | Perl | 2.7.0 (including) | 2.7.0 (including) |
| Perl | Perl | 2.7.1 (including) | 2.7.1 (including) |
| Perl | Perl | 2.7.2 (including) | 2.7.2 (including) |
| Perl | Perl | 2.8.0 (including) | 2.8.0 (including) |
| Perl | Perl | 2.8.1 (including) | 2.8.1 (including) |
| Perl | Perl | 2.8.2 (including) | 2.8.2 (including) |
| Perl | Perl | 2.8.3 (including) | 2.8.3 (including) |
| Perl | Perl | 2.8.4 (including) | 2.8.4 (including) |
| Perl | Perl | 2.8.5 (including) | 2.8.5 (including) |
| Perl | Perl | 2.8.6 (including) | 2.8.6 (including) |
| Perl | Perl | 2.8.7 (including) | 2.8.7 (including) |
| Perl | Perl | 2.8.8 (including) | 2.8.8 (including) |
| Perl | Perl | 2.9.0 (including) | 2.9.0 (including) |
| Perl | Perl | 2.9.1 (including) | 2.9.1 (including) |
| Perl | Perl | 2.9.2 (including) | 2.9.2 (including) |
| Perl | Perl | 2.10.0 (including) | 2.10.0 (including) |
| Perl | Perl | 2.10.1 (including) | 2.10.1 (including) |
| Perl | Perl | 2.10.2 (including) | 2.10.2 (including) |
| Perl | Perl | 2.10.3 (including) | 2.10.3 (including) |
| Perl | Perl | 2.10.4 (including) | 2.10.4 (including) |
| Perl | Perl | 2.10.5 (including) | 2.10.5 (including) |
| Perl | Perl | 2.10.6 (including) | 2.10.6 (including) |
| Perl | Perl | 2.10.7 (including) | 2.10.7 (including) |
| Perl | Perl | 2.11.0 (including) | 2.11.0 (including) |
| Perl | Perl | 2.11.1 (including) | 2.11.1 (including) |
| Perl | Perl | 2.11.2 (including) | 2.11.2 (including) |
| Perl | Perl | 2.11.3 (including) | 2.11.3 (including) |
| Perl | Perl | 2.11.4 (including) | 2.11.4 (including) |
| Perl | Perl | 2.11.5 (including) | 2.11.5 (including) |
| Perl | Perl | 2.11.6 (including) | 2.11.6 (including) |
| Perl | Perl | 2.11.7 (including) | 2.11.7 (including) |
| Perl | Perl | 2.11.8 (including) | 2.11.8 (including) |
| Perl | Perl | 2.12.0 (including) | 2.12.0 (including) |
| Perl | Perl | 2.13.0 (including) | 2.13.0 (including) |
| Perl | Perl | 2.14.0 (including) | 2.14.0 (including) |
| Perl | Perl | 2.14.1 (including) | 2.14.1 (including) |
| Perl | Perl | 2.15.0 (including) | 2.15.0 (including) |
| Perl | Perl | 2.15.1 (including) | 2.15.1 (including) |
| Perl | Perl | 2.16.0 (including) | 2.16.0 (including) |
| Perl | Perl | 2.16.1 (including) | 2.16.1 (including) |
| Perl | Perl | 2.17.0 (including) | 2.17.0 (including) |
| Perl | Perl | 2.17.1 (including) | 2.17.1 (including) |
| Perl | Perl | 2.17.2 (including) | 2.17.2 (including) |
| Perl | Perl | 2.18.0 (including) | 2.18.0 (including) |
| Red Hat Enterprise Linux 5 | RedHat | perl-DBD-Pg-0:1.49-4.el5_8 | * |
| Red Hat Enterprise Linux 6 | RedHat | perl-DBD-Pg-0:2.15.1-4.el6_3 | * |
| Libdbd-pg-perl | Ubuntu | devel | * |
| Libdbd-pg-perl | Ubuntu | hardy | * |
| Libdbd-pg-perl | Ubuntu | lucid | * |
| Libdbd-pg-perl | Ubuntu | maverick | * |
| Libdbd-pg-perl | Ubuntu | natty | * |
| Libdbd-pg-perl | Ubuntu | oneiric | * |
| Libdbd-pg-perl | Ubuntu | precise | * |
| Libdbd-pg-perl | Ubuntu | quantal | * |
| Libdbd-pg-perl | Ubuntu | raring | * |
| Libdbd-pg-perl | Ubuntu | saucy | * |
| Libdbd-pg-perl | Ubuntu | upstream | * |