Description

PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability."

Remediation

References

CVE-2005-1409

Related Vulnerabilities

WordPress 2.0.5 Charset Decoding SQL Injection Vulnerability (0.6.2 - 2.0.5)

GlassFish Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-1950)

WordPress Plugin Form Builder CP Cross-Site Scripting (1.2.14)

Next.js Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-5284)

phpMyAdmin Improper Authentication Vulnerability (CVE-2010-4481)

Severity

High

Classification

CVE-2005-1409

Tags

Missing Update Known Vulnerabilities