DB: PostgreSQL Database geo_ops path_in Integer Overflow

This signature detects attempts to exploit a known vulnerability in PostgreSQL Database. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.

Affected Products

Postgresql postgresql

References

CVE: CVE-2014-0064

Short Name
DB:POSTGRESQL:GEO-OPS-PATH-IN
Severity
Major
Recommended
False
Recommended Action
Drop
Category
DB
Keywords
CVE-2014-0064 Database Integer Overflow PostgreSQL geo_ops path_in
Release Date
03/14/2014
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3650
False Positive
Unknown
Vendors

Postgresql

CVSS Score

6.5

Found a potential security threat?