Postgresql » Postgresql : Security Vulnerabilities, CVEs, Published In 2005 (Code Execution)
Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via (1) a large number of variables in a SQL statement being handled by the read_sql_construct function, (2) a large number of INTO variables in a SELECT statement being handled by the make_select_stmt function, (3) a large number of arbitrary variables in a SELECT statement being handled by the make_select_stmt function, and (4) a large number of INTO variables in a FETCH statement being handled by the make_fetch_stmt function, a different set of vulnerabilities than CVE-2005-0245.
Max CVSS
6.5
EPSS Score
62.60%
Published
2005-05-02
Updated
2017-10-11
Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow attackers to execute arbitrary code via a large number of arguments to a refcursor function (gram.y), which leads to a heap-based buffer overflow, a different vulnerability than CVE-2005-0247.
Max CVSS
7.5
EPSS Score
1.79%
Published
2005-02-01
Updated
2023-01-19
PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension.
Max CVSS
4.3
EPSS Score
0.04%
Published
2005-05-02
Updated
2023-10-18
3 vulnerabilities found