Summary
PostgreSQL is prone to a buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. The issue affects the 'intarray' module.
An authenticated attacker can leverage this issue to execute arbitrary code within the context of the vulnerable application. Failed exploit attempts will result in a denial-of-service condition.
The issue affect versions prior to 8.2.20, 8.3.14, 8.4.7, and 9.0.3.
Solution
Updates are available. Please see the references for more information.
References
Severity
Classification
-
CVE CVE-2010-4015 -
CVSS Base Score: 6.5
AV:N/AC:L/Au:S/C:P/I:P/A:P
Related Vulnerabilities
- Oracle MySQL Server Component 'Replication' Unspecified vulnerability Oct-2013 (Windows)
- PostgreSQL 'bitsubstr' Buffer Overflow Vulnerability
- Oracle MySQL Server Multiple Vulnerabilities-03 Nov12 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities - 04 May14 (Windows)
- Oracle Database Server Multiple Components Multiple Vulnerabilities