In unixODBC before 2.3.5, there is a buffer overflow in the unicodetoansicopy() function in DriverManager/_info.c.
{ "priority_reason": "One-byte buffer overflow that isn't attacker controlled, DoS only", "binaries": [ { "binary_version": "2.2.14p2-5ubuntu5+esm1", "binary_name": "libodbc1" }, { "binary_version": "2.2.14p2-5ubuntu5+esm1", "binary_name": "libodbc1-dbgsym" }, { "binary_version": "2.2.14p2-5ubuntu5+esm1", "binary_name": "odbcinst" }, { "binary_version": "2.2.14p2-5ubuntu5+esm1", "binary_name": "odbcinst-dbgsym" }, { "binary_version": "2.2.14p2-5ubuntu5+esm1", "binary_name": "odbcinst1debian2" }, { "binary_version": "2.2.14p2-5ubuntu5+esm1", "binary_name": "odbcinst1debian2-dbgsym" }, { "binary_version": "2.2.14p2-5ubuntu5+esm1", "binary_name": "unixodbc" }, { "binary_version": "2.2.14p2-5ubuntu5+esm1", "binary_name": "unixodbc-dbgsym" }, { "binary_version": "2.2.14p2-5ubuntu5+esm1", "binary_name": "unixodbc-dev" } ], "ubuntu_priority": "low", "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }
{ "priority_reason": "One-byte buffer overflow that isn't attacker controlled, DoS only", "binaries": [ { "binary_version": "2.3.1-4.1ubuntu0.1~esm1", "binary_name": "libodbc1" }, { "binary_version": "2.3.1-4.1ubuntu0.1~esm1", "binary_name": "libodbc1-dbgsym" }, { "binary_version": "2.3.1-4.1ubuntu0.1~esm1", "binary_name": "odbcinst" }, { "binary_version": "2.3.1-4.1ubuntu0.1~esm1", "binary_name": "odbcinst-dbgsym" }, { "binary_version": "2.3.1-4.1ubuntu0.1~esm1", "binary_name": "odbcinst1debian2" }, { "binary_version": "2.3.1-4.1ubuntu0.1~esm1", "binary_name": "odbcinst1debian2-dbgsym" }, { "binary_version": "2.3.1-4.1ubuntu0.1~esm1", "binary_name": "unixodbc" }, { "binary_version": "2.3.1-4.1ubuntu0.1~esm1", "binary_name": "unixodbc-dbgsym" }, { "binary_version": "2.3.1-4.1ubuntu0.1~esm1", "binary_name": "unixodbc-dev" } ], "ubuntu_priority": "low", "availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro" }
{ "priority_reason": "One-byte buffer overflow that isn't attacker controlled, DoS only", "binaries": [ { "binary_version": "2.3.4-1.1ubuntu3", "binary_name": "libodbc1" }, { "binary_version": "2.3.4-1.1ubuntu3", "binary_name": "libodbc1-dbgsym" }, { "binary_version": "2.3.4-1.1ubuntu3", "binary_name": "odbcinst" }, { "binary_version": "2.3.4-1.1ubuntu3", "binary_name": "odbcinst-dbgsym" }, { "binary_version": "2.3.4-1.1ubuntu3", "binary_name": "odbcinst1debian2" }, { "binary_version": "2.3.4-1.1ubuntu3", "binary_name": "odbcinst1debian2-dbgsym" }, { "binary_version": "2.3.4-1.1ubuntu3", "binary_name": "unixodbc" }, { "binary_version": "2.3.4-1.1ubuntu3", "binary_name": "unixodbc-dbgsym" }, { "binary_version": "2.3.4-1.1ubuntu3", "binary_name": "unixodbc-dev" } ], "ubuntu_priority": "low", "availability": "No subscription required" }