Endpoint Vulnerability

PostgreSQL: Buffer overruns in 'to_char' functions.

Description

A buffer overflow flaw was found in the way PostgreSQL handled certain numeric formatting. An authenticated database user could use a specially crafted timestamp formatting template to cause PostgreSQL to crash or, under certain conditions, execute arbitrary code with the permissions of the user running PostgreSQL.

Affected Products

PostgreSQL

References

CVE-2015-0241