FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

postgresql -- multiple buffer overflows in PL/PgSQL parser

Affected packages
ja-postgresql < 7.3.9_1
7.4.* < ja-postgresql < 7.4.7_1
8.* < ja-postgresql < 8.0.1_1
postgresql < 7.3.9_1
7.4.* < postgresql < 7.4.7_1
8.* < postgresql < 8.0.1_1
postgresql-server < 7.3.9_1
7.4.* < postgresql-server < 7.4.7_1
8.* < postgresql-server < 8.0.1_1

Details

VuXML ID 6b4b0b3f-8127-11d9-a9e7-0001020eed82
Discovery 2005-02-07
Entry 2005-02-17
Modified 2005-02-19

The PL/PgSQL parser in postgresql is vulnerable to several buffer overflows. These could be exploited by a remote attacker to execute arbitrary code with the permissions of the postgresql server by running a specially crafted query.

References

CVE Name CVE-2005-0247
URL http://archives.postgresql.org/pgsql-committers/2005-02/msg00049.php

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.