Description
In PostgreSQL, a modified, unauthenticated server can send an unterminated string during the establishment of Kerberos transport encryption. In certain conditions a server can cause a libpq client to over-read and report an error message containing uninitialized bytes.
Remediation
References
Related Vulnerabilities
WordPress Plugin MasterStudy LMS-for Online Courses and Education Security Bypass (3.3.8)
WordPress Plugin Emag Marketplace Connector Cross-Site Scripting (1.0.0)
WordPress Plugin TagNinja 'id' Parameter Cross-Site Scripting (1.0)
Zope Web Application Server CVE-2011-3587 Vulnerability (CVE-2011-3587)
IBM RTC Incorrect Authorization Vulnerability (CVE-2017-1700)