CyberSec.Space Logo
Back to CVE Browser

CVE-2002-1399

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1130%
EPSS Percentile35.94th
PublishedJan 17, 2003
Last ModifiedApr 16, 2026

Vulnerability Description

Unknown vulnerability in cash_out and possibly other functions in PostgreSQL 7.2.1 and earlier, and possibly later versions before 7.2.3, with unknown impact, based on an invalid integer input which is processed as a different data type, as demonstrated using cash_out(2).

Affected Platforms (CPE)

πŸ“¦
Postgresql

Postgresql

= 6.3.2
πŸ“¦
Postgresql

Postgresql

= 6.5.3
πŸ“¦
Postgresql

Postgresql

= 7.0.3
πŸ“¦
Postgresql

Postgresql

= 7.1
πŸ“¦
Postgresql

Postgresql

= 7.1.1
πŸ“¦
Postgresql

Postgresql

= 7.1.2
πŸ“¦
Postgresql

Postgresql

= 7.1.3
πŸ“¦
Postgresql

Postgresql

= 7.2
πŸ“¦
Postgresql

Postgresql

= 7.2.1

References & Advisories

πŸ”— http://archives.postgresql.org/pgsql-hackers/2002-08/msg00708.php
πŸ”— http://archives.postgresql.org/pgsql-hackers/2002-08/msg00713.php
πŸ”— http://marc.info/?l=bugtraq&m=102978152712430&w=2
πŸ”— http://archives.postgresql.org/pgsql-hackers/2002-08/msg00708.php
πŸ”— http://archives.postgresql.org/pgsql-hackers/2002-08/msg00713.php
πŸ”— http://marc.info/?l=bugtraq&m=102978152712430&w=2

Related Vulnerabilities

CVE-2005-365610.0

Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when used for user authentication agai...

CVE-2007-327910.0

PostgreSQL 8.1 and probably later versions, when the PL/pgSQL (plpgsql) language has been created, grants certain plpgsql privileg...

CVE-2003-050010.0

SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote a...

CVE-2013-190210.0

PostgreSQL, 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 generates in...