Description

A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory.

Remediation

References

CVE-2023-5869

Related Vulnerabilities

WordPress Plugin WordPress Social Share, Social Login and Social Comments-Super Socializer Multiple Cross-Site Scripting Vulnerabilities (7.8.9)

Oracle JRE CVE-2022-21618 Vulnerability (CVE-2022-21618)

MySQL CVE-2016-5584 Vulnerability (CVE-2016-5584)

WordPress Plugin MStore API-Create Native Android & iOS Apps On The Cloud Security Bypass (4.10.7)

OpenSSL Cryptographic Issues Vulnerability (CVE-2014-3570)

Severity

High

Classification

CVE-2023-5869 CWE-190 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities