CVE-2015-0243

Summary

Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

Affected Software

VendorProductVersion RangeStatus
PostgreSQL Global Development GroupPostgreSQLbefore 9.0.19affected
PostgreSQL Global Development GroupPostgreSQL9.1.x before 9.1.15affected
PostgreSQL Global Development GroupPostgreSQL9.2.x before 9.2.10affected
PostgreSQL Global Development GroupPostgreSQL9.3.x before 9.3.6affected
PostgreSQL Global Development GroupPostgreSQL9.4.x before 9.4.1affected

Weaknesses

  • Buffer Overflow

ADP Enrichment

CVE Program Container

Additional References

References