Endpoint Vulnerability

PostgreSQL: EnterpriseDB's installers for Linux and Mac OS X passed the database superuser password to a script in an insecure fashion.

Description

Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.

Affected Products

PostgreSQL

References

CVE-2013-1903,