CVE-2016-1251
- Source
- https://cve.org/CVERecord?id=CVE-2016-1251
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-1251.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2016-1251
- Downstream
- Related
- Published
- 2016-11-29T20:59:00.170Z
- Modified
- 2026-02-15T07:07:52.242821Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
There is a vulnerability of type use-after-free affecting DBD::mysql (aka DBD-mysql or the Database Interface (DBI) MySQL driver for Perl) 3.x and 4.x before 4.041 when used with mysqlserverprepare=1.
- References
-
- http://www.openwall.com/lists/oss-security/2016/11/28/2
- http://www.securityfocus.com/bid/94573
- https://anonscm.debian.org/cgit/pkg-perl/packages/libdbd-mysql-perl.git/commit/?id=a8b97e4713391b1f8beffbfddac483c276feaff1
- https://github.com/perl5-dbi/DBD-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1
- https://security.gentoo.org/glsa/201701-51
- https://tracker.debian.org/news/819888
- https://anonscm.debian.org/cgit/pkg-perl/packages/libdbd-mysql-perl.git/commit/?id=a8b97e4713391b1f8beffbfddac483c276feaff1
- https://github.com/perl5-dbi/DBD-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1
- https://anonscm.debian.org/cgit/pkg-perl/packages/libdbd-mysql-perl.git/commit/?id=a8b97e4713391b1f8beffbfddac483c276feaff1
- https://github.com/perl5-dbi/DBD-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1
- http://www.openwall.com/lists/oss-security/2016/11/28/2
Affected packages
Git / github.com/perl5-dbi/dbd-mysql
Affected ranges
- Type
- GIT
- Repo
- https://github.com/perl5-dbi/dbd-mysql
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
4.*
4.030_01
4.030_02
4.031
4.032
4.032_01
4.032_02
4.032_03
4.033
4.033_01
4.033_02
4.033_03
4.034
4.035
4.035_01
4.035_02
4.035_03
4.036
4.037
4.037_01
4.037_02
4.038
4.038_01
4.040
Other
4_012
4_013
4_014
4_015
4_019
4_020
4_022
4_022_1
Database specific
source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-1251.json"
vanir_signatures
[
{
"digest": {
"line_hashes": [
"188715675733561009446976502882346480394",
"107950256441078376794216765617357782574",
"196453871356809793990021036321253799454",
"324900896622681343079356612221884188937"
],
"threshold": 0.9
},
"signature_version": "v1",
"target": {
"file": "dbdimp.c"
},
"signature_type": "Line",
"id": "CVE-2016-1251-1b003cbb",
"source": "https://github.com/perl5-dbi/dbd-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1",
"deprecated": false
},
{
"digest": {
"function_hash": "326296235982873098261977955735233036713",
"length": 8291.0
},
"signature_version": "v1",
"target": {
"file": "dbdimp.c",
"function": "dbd_st_fetch"
},
"signature_type": "Function",
"id": "CVE-2016-1251-f95694e2",
"source": "https://github.com/perl5-dbi/dbd-mysql/commit/3619c170461a3107a258d1fd2d00ed4832adb1b1",
"deprecated": false
}
]