Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-2943

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2009-2943
Last Modified 23 Oct 2009 12:00:00
Published 22 Oct 2009 12:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2009-2943

Summary

The postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL libpq do not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.

Vulnerable Systems

Application

  • Postgresql-ocaml 1.12.1

  • Postgresql-ocaml 1.5.4

  • Postgresql-ocaml 1.7.0


References

DEBIAN - DSA-1909

OSVDB - 59029

SECUNIA - 37048


Last Updated: 27 May 2016 10:51:04