Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Postgresql | Postgresql | 8.3.6 | 8.3.6 |
Postgresql | Postgresql | 8.3.3 | 8.3.3 |
Postgresql | Postgresql | 8.3.2 | 8.3.2 |
Postgresql | Postgresql | 8.3.12 | 8.3.12 |
Postgresql | Postgresql | 8.3.1 | 8.3.1 |
Postgresql | Postgresql | 8.3.5 | 8.3.5 |
Postgresql | Postgresql | 8.3.8 | 8.3.8 |
Postgresql | Postgresql | 8.3.7 | 8.3.7 |
Postgresql | Postgresql | 8.3.10 | 8.3.10 |
Postgresql | Postgresql | 8.3 | 8.3 |
Postgresql | Postgresql | 8.3.4 | 8.3.4 |
Postgresql | Postgresql | 8.3.11 | 8.3.11 |
Postgresql | Postgresql | 8.3.9 | 8.3.9 |
Postgresql | Postgresql | 8.3.13 | 8.3.13 |