AVG-627

Package unixodbc
Status Fixed
Severity High
Type arbitrary code execution
Affected 2.3.4-1
Fixed 2.3.5-1
Current 2.3.7-2 [extra]
Ticket None
Created Thu Feb 22 22:07:26 2018
Issue Severity Remote Type Description
CVE-2018-7409 High Yes Arbitrary code execution
In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c possibly leading to arbitrary code execution.
Date Advisory Package Description
23 Feb 2018 ASA-201802-14 unixodbc arbitrary code execution