unixodbc
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | ODBC is an open specification for providing application developers with a predictable API with which to access Data Sources |
| Version | 2.3.12-2 [core] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-627 | 2.3.4-1 | 2.3.5-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2018-7409 | AVG-627 | High | Yes | Arbitrary code execution | In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c possibly leading to arbitrary code execution. |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 23 Feb 2018 | ASA-201802-14 | AVG-627 | High | arbitrary code execution |