E14-7wb01
CVSS:
6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
False Positive:
f
Variants:
1
Year:
2014
Description
This strike exploits a stack buffer overflow vulnerability in PostgreSQL.
If IntervalStyle is set to postgres_verbose, a fixed buffer is used when processing the output string.
A specially crafted SQL INTERVAL command can be used to overflow this buffer.
Successful exploitation may result in execution of arbitrary code or abnormal termination of PostgreSQL,
leading to a denial of service condition.