Lucene search
HistoryOct 22, 2009 - 4:30 p.m.
CVE-2009-2943
cve-2009-2943
postgresql
libpq
pqescapestringconn
remote attackers
escaping issues
multibyte character encodings
6.4 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
72.5%
The postgresql-ocaml bindings 1.5.4, 1.7.0, and 1.12.1 for PostgreSQL libpq do not properly support the PQescapeStringConn function, which might allow remote attackers to leverage escaping issues involving multibyte character encodings.
Related
debian
debian
nessus
nessus
Fedora 10 : ocaml-postgresql-1.12.3-1.fc10.2 (2009-10595)
2009-11-11 00:00:00
Fedora 11 : ocaml-postgresql-1.12.3-1.fc11.2 (2009-10633)
2009-11-11 00:00:00
Debian DSA-1909-1 : postgresql-ocaml - missing escape function
2010-02-24 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: ocaml-postgresql-1.12.3-1.fc11.2
2009-11-10 17:56:28
[SECURITY] Fedora 10 Update: ocaml-postgresql-1.12.3-1.fc10.2
2009-11-10 17:58:22
openvas
openvas
Fedora Core 11 FEDORA-2009-10633 (ocaml-postgresql)
2009-11-17 00:00:00
Fedora Core 10 FEDORA-2009-10595 (ocaml-postgresql)
2009-11-17 00:00:00
Fedora Core 10 FEDORA-2009-10595 (ocaml-postgresql)
2009-11-17 00:00:00
ubuntucve
ubuntucve
CVE-2009-2943
2009-10-22 00:00:00
prion
prion
Code injection
2009-10-22 16:30:00
debiancve
debiancve
CVE-2009-2943
2009-10-22 16:30:00
securityvulns
securityvulns
pygresql / mysql-ocaml / postgresql-ocaml SQL injection
2009-10-15 00:00:00
6.4 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.004 Low
EPSS
Percentile
72.5%
Related for CVE-2009-2943