Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1401

Overview

Vulnerability Score 6.5 6.5
CVE Id CVE-2002-1401
Last Modified 10 Sep 2008 12:00:00
Published 17 Jan 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2002-1401

Summary

Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and possibly execute arbitrary code, possibly as a result of an integer overflow.

Vulnerable Systems

Application

  • Postgresql 6.3.2

  • Postgresql 6.5.3

  • Postgresql 7.0.3

  • Postgresql 7.1

  • Postgresql 7.1.1

  • Postgresql 7.1.2

  • Postgresql 7.1.3

  • Postgresql 7.2

  • Postgresql 7.2.1

  • Postgresql 7.2.2

  • Postgresql 7.2.3


References

DEBIAN - DSA-165

REDHAT - RHSA-2003:001

SECUNIA - 8034

CONECTIVA - CLA-2002:524

MISC - http://archives.postgresql.org/pgsql-hackers/2002-08/msg02081.php

MISC - http://archives.postgresql.org/pgsql-hackers/2002-08/msg02047.php


Last Updated: 27 May 2016 10:37:19