CVE-2010-0442

Published: Feb 2, 2010

Modified: Aug 7, 2024

PUBLISHED

Description

The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service (daemon crash) or have unspecified other impact via vectors involving a negative integer in the third argument, as demonstrated by a SELECT statement that contains a call to the substring function for a bit string, related to an "overflow."

Vendor: n/a
Product: n/a
Versions: n/a (status: affected)

References

RHSA-2010:0427 (vendor-advisory, x_refsource_REDHAT)
1023510 (vdb-entry, x_refsource_SECTRACK)
RHSA-2010:0428 (vendor-advisory, x_refsource_REDHAT)
DSA-2051 (vendor-advisory, x_refsource_DEBIAN)
USN-933-1 (vendor-advisory, x_refsource_UBUNTU)
39820 (third-party-advisory, x_refsource_SECUNIA)
ADV-2010-1221 (vdb-entry, x_refsource_VUPEN)
37973 (vdb-entry, x_refsource_BID)
ADV-2010-1207 (vdb-entry, x_refsource_VUPEN)
ADV-2010-1022 (vdb-entry, x_refsource_VUPEN)
39566 (third-party-advisory, x_refsource_SECUNIA)
postgresql-substring-bo(55902) (vdb-entry, x_refsource_XF)
RHSA-2010:0429 (vendor-advisory, x_refsource_REDHAT)
oval:org.mitre.oval:def:9720 (vdb-entry, signature, x_refsource_OVAL)
MDVSA-2010:103 (vendor-advisory, x_refsource_MANDRIVA)
39939 (third-party-advisory, x_refsource_SECUNIA)
ADV-2010-1197 (vdb-entry, x_refsource_VUPEN)
