Description

backend/parser/analyze.c in PostgreSQL 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via certain aggregate functions in an UPDATE statement, which are not properly handled during a "MIN/MAX index optimization."

Remediation

References

CVE-2006-5540

Related Vulnerabilities

WordPress Plugin FireStats Arbitrary File Download (1.6.5)

Apache 2.x version older than 2.0.48

WebLogic CVE-2020-5421 Vulnerability (CVE-2020-5421)

phpMyAdmin Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-1285)

MySQL CVE-2022-21372 Vulnerability (CVE-2022-21372)

Severity

Medium

Classification

CVE-2006-5540

Tags

Missing Update Known Vulnerabilities