Summary
PostgreSQL is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. The issue affects the 'intarray' module.
An authenticated attacker can leverage this issue to execute arbitrary code within the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition.
The issue affect versions prior to 8.2.20, 8.3.14, 8.4.7, and 9.0.3.
Solution
Updates are available. Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2010-4015 -
CVSS Base Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P
Related Vulnerabilities
- PostgreSQL Multiple Integer Overflow Vulnerabilities July14 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities - 02 Jan14 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities - 01 May14 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities - 04 May14 (Windows)
- Oracle MySQL Server Multiple Vulnerabilities-04 Nov12 (Windows)