4.6 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
7.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.0%
Buffer overflow in the date parser for PostgreSQL before 7.2.2 allows attackers to cause a denial of service and possibly execute arbitrary code via a long date string, aka a vulnerability “in handling long datetime input.”
archives.postgresql.org/pgsql-announce/2002-08/msg00004.php
marc.info/?l=bugtraq&m=102978152712430&w=2
marc.info/?l=bugtraq&m=102996089613404&w=2
marc.info/?l=bugtraq&m=103021186622725&w=2
marc.info/?l=bugtraq&m=103036987114437&w=2
marc.info/?l=postgresql-announce&m=103062536330644
secunia.com/advisories/8034
www.debian.org/security/2002/dsa-165
www.novell.com/linux/security/advisories/2002_038_postgresql.html
www.redhat.com/support/errata/RHSA-2003-001.html