libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to execute arbitrary SQL queries by inserting SQL code into an HTTP request.
Affected Software
Name |
Vendor |
Start Version |
End Version |
Nss_postgresql |
Alessandro_gardich |
0.6.1 |
0.6.1 |
Libnss-pgsql |
Joerg_wendland |
0.9.0 |
0.9.0 |
References