CVE

Id
5785  
CVE No.
CVE-2002-1401  
Status
Candidate  
Description
Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and possibly execute arbitrary code, possibly as a result of an integer overflow.  
Phase
Modified (20071113)  
Votes
ACCEPT(3) Armstrong, Cox, Green | NOOP(2) Christey, Cole  
Comments
CHANGE> [Cox changed vote from NOOP to ACCEPT] | Christey> REDHAT:RHSA-2003:010  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
32508 5785 CVE-2002-1401 MISC:http://archives.postgresql.org/pgsql-hackers/2002-08/msg02047.php  View
32509 5785 CVE-2002-1401 MISC:http://archives.postgresql.org/pgsql-hackers/2002-08/msg02081.php  View
32510 5785 CVE-2002-1401 DEBIAN:DSA-165  View
32511 5785 CVE-2002-1401 URL:http://www.debian.org/security/2002/dsa-165  View
32512 5785 CVE-2002-1401 CONECTIVA:CLA-2002:524  View
32513 5785 CVE-2002-1401 URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000524  View
32514 5785 CVE-2002-1401 REDHAT:RHSA-2003:001  View
32515 5785 CVE-2002-1401 URL:http://www.redhat.com/support/errata/RHSA-2003-001.html  View
32516 5785 CVE-2002-1401 SECUNIA:8034  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
63880 JVNDB-2002-000207 PostgreSQL の特定の関数における整数オーバフローの脆弱性 PostgreSQL において、引数として与えられた値に対するチェックが不適切であるため、引数に異常に大きい値を与えることで、整数桁あふれによるオーバーフローが発生する脆弱性が存在します。 CVE-2002-1401 5785 4.6 http://jvndb.jvn.jp/ja/contents/2002/JVNDB-2002-000207.html  View