ALAS2-2019-1354 --- unixODBC| ID: oval:org.secpod.oval:def:1700268 | Date: (C)2019-11-11 (M)2023-06-16 |
| Class: PATCH | Family: unix |
A buffer overflow flaw was found in the unicode_to_ansi_copy function of unixODBC. This overflow is not directly controllable by an attacker making the maximum potential impact a crash or denial of service.An argument order confusion flaw was found in the SQLWriteFileDSN API of unixODBC. This could only be exploited via a malicious ODBC database connector package with the maximum impact being a denial of service
