QwikSec

Security Database

CVE

CWE

Training

CVE-2016-1249

Published: Feb 16, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

The DBD::mysql module before 4.039 for Perl, when using server-side prepared statement support, allows attackers to cause a denial of service (out-of-bounds read) via vectors involving an unaligned number of placeholders in WHERE condition and output fields in SELECT expression.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20161115 CVE-2016-1249: Out-of-bounds read by DBD::mysql >= version 2.9003

mailing-list

x_refsource_MLIST

https://github.com/perl5-dbi/DBD-mysql/commit/793b72b1a0baa5070adacaac0e12fd995a6fbabe

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

http://cpansearch.perl.org/src/CAPTTOFU/DBD-mysql-4.039/Changes

x_refsource_CONFIRM

vendor-advisory

x_refsource_GENTOO

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.