Description

PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified encoding, as demonstrated using mismatched encoding conversion requests.

Remediation

References

CVE-2009-0922

Related Vulnerabilities

WordPress Plugin MyThemeShop Theme/Plugin Updater Cross-Site Scripting (1.2.3)

Plone CMS Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-5491)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-3665)

Dolibarr CVE-2019-11200 Vulnerability (CVE-2019-11200)

TYPO3 Insertion of Sensitive Information into Log File Vulnerability (CVE-2022-31047)

Severity

Medium

Classification

CVE-2009-0922

Tags

Missing Update Known Vulnerabilities