MEDIUM
Dbd MYSQL Project
CVE published 2017-02-17
CVE-2016-1249
CVE-2016-1249 is a denial-of-service flaw in Perl's DBD::mysql module when server-side prepared statement support is used. The supplied NVD record describes an out-of-bounds read that can be triggered by certain SQL shapes involving an unaligned number of placeholders in a WHERE condition and output fields in a SELECT expression. The affected range in NVD extends through 4.038_01, with 4.039 referenced as [truncated]