QwikSec

Security Database

CVE

CWE

Training

CVE-2002-1397

Published: Jan 8, 2003

Modified: Aug 8, 2024

PUBLISHED

Description

Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer overflow.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

vendor-advisory

x_refsource_CONECTIVA

20020819 @(#) Mordred Labs advisory 0x0001: Buffer overflow in PostgreSQL

mailing-list

x_refsource_BUGTRAQ

third-party-advisory

x_refsource_SECUNIA

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_REDHAT

postgresql-cashwords-bo(9891)

vdb-entry

x_refsource_XF

http://developer.postgresql.org/cvsweb.cgi/pgsql-server/src/backend/utils/adt/cash.c.diff?r1=1.51&r2=1.52

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.