{"id":"CVE-2016-1246","details":"Buffer overflow in the DBD::mysql module before 4.037 for Perl allows context-dependent attackers to cause a denial of service (crash) via vectors related to an error message.","modified":"2026-02-12T07:18:23.279846Z","published":"2016-10-05T16:59:00.243Z","related":["MGASA-2018-0031","SUSE-SU-2017:0122-1","SUSE-SU-2017:0123-1","openSUSE-SU-2024:10186-1"],"references":[{"type":"ADVISORY","url":"http://blogs.perl.org/users/mike_b/2016/10/security-release---buffer-overflow-in-dbdmysql-perl-library.html"},{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3684"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/93337"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201701-51"},{"type":"REPORT","url":"https://github.com/perl5-dbi/DBD-mysql/commit/7c164a0c86cec6ee95df1d141e67b0e85dfdefd2"},{"type":"FIX","url":"https://github.com/perl5-dbi/DBD-mysql/commit/7c164a0c86cec6ee95df1d141e67b0e85dfdefd2"},{"type":"FIX","url":"https://security.gentoo.org/glsa/201701-51"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/perl5-dbi/dbd-mysql","events":[{"introduced":"0"},{"fixed":"7c164a0c86cec6ee95df1d141e67b0e85dfdefd2"}]}],"versions":["4.030_01","4.030_02","4.031","4.032","4.032_01","4.032_02","4.032_03","4.033","4.033_01","4.033_02","4.033_03","4.034","4.035","4.035_01","4.035_02","4.035_03","4.036","4_012","4_013","4_014","4_015","4_019","4_020","4_022","4_022_1"],"database_specific":{"vanir_signatures":[{"signature_type":"Function","deprecated":false,"id":"CVE-2016-1246-04978216","target":{"file":"dbdimp.c","function":"dbd_bind_ph"},"source":"https://github.com/perl5-dbi/dbd-mysql/commit/7c164a0c86cec6ee95df1d141e67b0e85dfdefd2","signature_version":"v1","digest":{"function_hash":"215087356916198574659665625971438318635","length":4770}},{"signature_type":"Line","deprecated":false,"id":"CVE-2016-1246-feacdc47","target":{"file":"dbdimp.c"},"source":"https://github.com/perl5-dbi/dbd-mysql/commit/7c164a0c86cec6ee95df1d141e67b0e85dfdefd2","signature_version":"v1","digest":{"threshold":0.9,"line_hashes":["110290810247154585717492764134196651003","6102099522180982883609471707633443627","146317104253692962079169395374246137506","189822195661937222954388037138572144764","91973956659400795777853880935364919173","145855647827542450211680115228746541436","93940261054538604854968016153803612552","188154950996129539324113567136086431503","70188766451763274129936393915654914516","274597316174294880487779995934323797380"]}}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-1246.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}