CVE-2015-8949

Published: Aug 19, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

Use-after-free vulnerability in the my_login function in DBD::mysql before 4.033_01 allows attackers to have unspecified impact by leveraging a call to mysql_errno after a failure of my_login.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/perl5-dbi/DBD-mysql/commit/cf0aa7751f6ef8445e9310a64b14dc81460ca156

x_refsource_CONFIRM

https://blog.fuzzing-project.org/50-Use-after-free-in-my_login-function-of-DBDmysql-Perl-module.html

x_refsource_MISC

https://github.com/perl5-dbi/DBD-mysql/blob/4.033_01/Changes

x_refsource_CONFIRM

https://github.com/perl5-dbi/DBD-mysql/pull/45

x_refsource_CONFIRM

DSA-3635

vendor-advisory

x_refsource_DEBIAN

[oss-security] 20160726 Re: Use after free in my_login() function of DBD::mysql (Perl module)

mailing-list

x_refsource_MLIST

[oss-security] 20160725 Use after free in my_login() function of DBD::mysql (Perl module)

mailing-list

x_refsource_MLIST

92118

vdb-entry

x_refsource_BID

GLSA-201701-51

vendor-advisory

x_refsource_GENTOO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2015-8949

Description

Affected Products

References