4 matches found
postgresql: substring() negative length argument buffer overflow
The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service daemon crash or have unspecified other impact via vectors involving a negative integer in the third argument, as demonstrated by a SELECT...
openSUSE 10 Security Update : mysql (mysql-5613)
Empty bit-strings in a query could crash the MySQL server CVE-2008-3963. Due to another flaw users could access tables of other users CVE-2008-4097, CVE-2008-4098. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...
SuSE 10 Security Update : MySQL (ZYPP Patch Number 5618)
Empty bit-strings in a query could crash the MySQL server. CVE-2008-3963 Due to another flaw users could access tables of other users. CVE-2008-4097 / CVE-2008-4098 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. if NASLLEVEL 3000 exit0;...
Microsoft ASN.1 Library improperly decodes constructed bit strings
Overview The Microsoft ASN.1 Library improperly decodes constructed bit strings which could allow an unauthenticated, remote attacker to execute arbitrary code with SYSTEM privileges. Description Abstract Syntax Notation number One ASN.1 is an international standard used to describe and transmit...