CVE-2015-1352

2015-03-30T06:59:08
ID CVE-2015-1352
Type cve
Reporter NVD
Modified 2016-12-30T21:59:20

Description

The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate token extraction for table names, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name.