Description

The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding consumes an extra character when processing a character that cannot be converted, which could remove an escape character from the query and make the application subject to SQL injection attacks.

Remediation

References

CVE-2002-0802

Related Vulnerabilities

WordPress Plugin Affiliates Manager SQL Injection (2.8.6)

Jolokia Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-0168)

PHP Resource Management Errors Vulnerability (CVE-2010-1917)

GlassFish CVE-2017-10391 Vulnerability (CVE-2017-10391)

Atlassian Jira Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-3402)

Severity

High

Classification

CVE-2002-0802

Tags

Missing Update Known Vulnerabilities