Описание
The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric formatting template, which triggers a buffer over-read, or (2) crafted timestamp formatting template, which triggers a buffer overflow.
A buffer overflow flaw was found in the way PostgreSQL handled certain numeric formatting. An authenticated database user could use a specially crafted timestamp formatting template to cause PostgreSQL to crash or, under certain conditions, execute arbitrary code with the permissions of the user running PostgreSQL.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| CloudForms Management Engine 5 | postgresql | Will not fix | ||
| CloudForms Management Engine 5 | postgresql92-postgresql | Will not fix | ||
| Red Hat Enterprise Linux 5 | postgresql | Will not fix | ||
| Red Hat Enterprise Linux 5 | postgresql84 | Will not fix | ||
| Red Hat Software Collections | rh-postgresql94-postgresql | Affected | ||
| Red Hat Enterprise Linux 6 | postgresql | Fixed | RHSA-2015:0750 | 30.03.2015 |
| Red Hat Enterprise Linux 7 | postgresql | Fixed | RHSA-2015:0750 | 30.03.2015 |
| Red Hat Satellite 5.7 | postgresql92-postgresql | Fixed | RHSA-2015:0856 | 20.04.2015 |
| Red Hat Software Collections 1 for Red Hat Enterprise Linux 6 | postgresql92-postgresql | Fixed | RHSA-2015:0699 | 18.03.2015 |
| Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.5 EUS | postgresql92-postgresql | Fixed | RHSA-2015:0699 | 18.03.2015 |
Показывать по
Дополнительная информация
Статус:
6 Medium
CVSS2
Связанные уязвимости
The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric formatting template, which triggers a buffer over-read, or (2) crafted timestamp formatting template, which triggers a buffer overflow.
The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric formatting template, which triggers a buffer over-read, or (2) crafted timestamp formatting template, which triggers a buffer overflow.
The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, ...
The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric formatting template, which triggers a buffer over-read, or (2) crafted timestamp formatting template, which triggers a buffer overflow.
6 Medium
CVSS2