Back to search
CVE-2002-0802
Published: Apr 2, 2003
Modified: Aug 8, 2024
PUBLISHED
Description
The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding consumes an extra character when processing a character that cannot be converted, which could remove an escape character from the query and make the application subject to SQL injection attacks.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://marc.info/?l=postgresql-general&m=102032794322362
x_refsource_MISC
RHSA-2002:149
vendor-advisory
x_refsource_REDHAT
postgresql-sqlascii-sql-injection(10328)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now