ALAS-2015-485 --- postgresql93ID: oval:org.secpod.oval:def:1200178 | Date: (C)2015-12-28 (M)2023-12-18 |
Class: PATCH | Family: unix |
A stack-buffer overflow flaw was found in PostgreSQL"s pgcrypto module. An authenticated database user could use this flaw to cause PostgreSQL to crash or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL. A flaw was found in way PostgreSQL handled certain errors during that were generated during protocol synchronization. An authenticated database user could use this flaw to inject queries into an existing connection
Platform: |
Amazon Linux AMI |