MiracleLinux 4 : postgresql-8.4.7-1.AXS4.1 (AXSA:2011-38:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-38:01 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and...

SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 7404)

A buffer overflow in the intarray module potentially allowed attackers to execute arbitrary code as the user running postgresql. CVE-2010-4015:CVSS v2 Base Score: 4.9 Additionally a possible log forging problem was fixed too. CVE-2010-4014 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

GLSA-201110-22 : PostgreSQL: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201110-22 PostgreSQL: Multiple vulnerabilities Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details. Impact : A remote authenticated attacker could send a...

CentOS Update for postgresql84 CESA-2011:0198 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : postgresql (openSUSE-SU-2011:0254-1)

A buffer overflow in the intarray module potentially allowed attackers to execute arbitrary code as the user running postgresql CVE-2010-4015:CVSS v2 Base Score: 4.9. Additionally a possible log forging problem was fixed too. CVE-2010-4014 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Ubuntu: Security Advisory (USN-1058-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-2157-1 : postgresql-8.3, postgresql-8.4, postgresql-9.0 - buffer overflow

It was discovered that PostgreSQL's intarray contrib module does not properly handle integers with a large number of digits, leading to a server crash and potentially arbitrary code execution. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

USN-1058-1: PostgreSQL vulnerability

Geoff Keating reported that a buffer overflow exists in the intarray module's input function for the queryint type. This could allow an attacker to cause a denial of service or possibly execute arbitrary code as the postgres user...

PostgreSQL: Stack-based buffer overflow by processing certain tokens from SQL query string when intarray module enabled

Buffer overflow in the gettoken function in contrib/intarray/intbool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrar...

Buffer overflow

Buffer overflow in the gettoken function in contrib/intarray/intbool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrar...

PostgreSQL 'intarray' Module 'gettoken()' Buffer Overflow Vulnerability

PostgreSQL is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. The issue affects the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C ...

CVE-2010-4015

CVE-2010-4015 is a vulnerability in PostgreSQL’s intarray module: a buffer overflow in gettoken() (contrib/intarray/_int_bool.c) could be triggered by integers with a large number of digits. Affected products/versions include PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14,...

Vulnerability in contrib module (CVE-2010-4015)

An authenticated database user can cause a buffer overrun by calling functions from the intarray optional module with certain parameters...

CVE-2010-4015

Buffer overflow in the gettoken function in contrib/intarray/intbool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrar...