PT-2019-6619 · Unixodbc · Unixodbc
Felipe Pena · Published 2017-10-16 · Updated 2024-06-15 · CVE-2011-1145
CVSS v3.1: 7.8 (High)
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
unixODBC versions prior to 2.2.14p2
Description
A possible buffer overflow exists in the SQLDriverConnect() function when a large value is specified for the SAVEFILE parameter in the connection string.
Recommendations
For versions prior to 2.2.14p2, update to version 2.2.14p2 or later to resolve the issue. As a temporary workaround, consider restricting the use of large values for the SAVEFILE parameter in the connection string to minimize the risk of exploitation.
Fix
DoS
Buffer Overflow
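The temporary workaround under Recommendations can be enforced in the calling application by checking the connection string before it reaches SQLDriverConnect(). The following is an added example, not code from unixODBC or from this advisory. The function names are hypothetical, and the `MAX_SAVEFILE_LEN` cap is an assumed policy value, not a buffer size taken from unixODBC.

```c
#include <ctype.h>
#include <string.h>

/* Assumed policy cap for this example; not a value taken from unixODBC. */
#define MAX_SAVEFILE_LEN 255

static int key_is(const char *k, size_t n, const char *name)
{
    if (n != strlen(name)) return 0;
    for (size_t i = 0; i < n; i++)
        if (toupper((unsigned char)k[i]) != name[i]) return 0;
    return 1;
}

/* End of the value starting at v: a {braced} value runs to its closing brace
 * ("}}" is an escaped brace), a bare value runs to the next ';'. */
static const char *value_end(const char *v)
{
    if (*v != '{') return v + strcspn(v, ";");
    for (v++; *v; v++) {
        if (*v != '}') continue;
        if (v[1] != '}') return v + 1;
        v++;                              /* skip the escaped brace */
    }
    return v;                             /* unterminated: runs to end of string */
}

/* Raw length (braces included) of the longest SAVEFILE value, or -1 if absent.
 * Every occurrence is measured, so a repeat cannot hide a long value. */
long savefile_value_len(const char *connstr)
{
    long longest = -1;
    for (const char *p = connstr; *p; ) {
        while (*p == ';' || *p == ' ') p++;
        const char *key = p;
        size_t klen = strcspn(p, "=;");
        p += klen;
        if (*p != '=') continue;          /* keyword without a value */
        while (klen && key[klen - 1] == ' ') klen--;
        const char *val = ++p;
        p = value_end(val);
        if (key_is(key, klen, "SAVEFILE") && p - val > longest)
            longest = (long)(p - val);
    }
    return longest;
}

/* Nonzero if the string may be passed on to SQLDriverConnect(). */
int connstr_savefile_ok(const char *s) { return savefile_value_len(s) <= MAX_SAVEFILE_LEN; }
```

A check like this only limits exposure on versions prior to 2.2.14p2; updating remains the fix.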
Weakness Enumeration
Related Identifiers
Affected Products
Unixodbc