CyberSec.Space Logo
CVEブラウザに戻る

CVE-2002-1399

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1130%
EPSS Percentile35.94th
Published2003年1月17日
Last Modified2026年4月16日

Vulnerability Description

Unknown vulnerability in cash_out and possibly other functions in PostgreSQL 7.2.1 and earlier, and possibly later versions before 7.2.3, with unknown impact, based on an invalid integer input which is processed as a different data type, as demonstrated using cash_out(2).

Affected Platforms (CPE)

📦
Postgresql

Postgresql

= 6.3.2
📦
Postgresql

Postgresql

= 6.5.3
📦
Postgresql

Postgresql

= 7.0.3
📦
Postgresql

Postgresql

= 7.1
📦
Postgresql

Postgresql

= 7.1.1
📦
Postgresql

Postgresql

= 7.1.2
📦
Postgresql

Postgresql

= 7.1.3
📦
Postgresql

Postgresql

= 7.2
📦
Postgresql

Postgresql

= 7.2.1

References & Advisories

🔗 http://archives.postgresql.org/pgsql-hackers/2002-08/msg00708.php
🔗 http://archives.postgresql.org/pgsql-hackers/2002-08/msg00713.php
🔗 http://marc.info/?l=bugtraq&m=102978152712430&w=2
🔗 http://archives.postgresql.org/pgsql-hackers/2002-08/msg00708.php
🔗 http://archives.postgresql.org/pgsql-hackers/2002-08/msg00713.php
🔗 http://marc.info/?l=bugtraq&m=102978152712430&w=2

関連する脆弱性情報

CVE-2005-365610.0

Multiple format string vulnerabilities in logging functions in mod_auth_pgsql before 2.0.3, when used for user authentication agai...

CVE-2007-327910.0

PostgreSQL 8.1 and probably later versions, when the PL/pgSQL (plpgsql) language has been created, grants certain plpgsql privileg...

CVE-2003-050010.0

SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote a...

CVE-2013-190210.0

PostgreSQL, 9.2.x before 9.2.4, 9.1.x before 9.1.9, 9.0.x before 9.0.13, 8.4.x before 8.4.17, and 8.3.x before 8.3.23 generates in...