Intrusion Prevention

PostgreSQL.gram.y.Buffer.Overflow

Description

It indicates a possible exploit of buffer overflow vulnerability in PostgreSQL 8.0 that may allow remote attackers to execute code via a large number of arbitrary variables in a SELECT statement being handled by the make_select_stmt function, and a large number of INTO variables in a FETCH statement being handled by the make_fetch_stmt function.

Affected Products

PostgreSQL PostgreSQL 8.0 and earlier versions.

Impact

Compromise of the affected system.

Recommended Actions

Upgrade PostgreSQL PostgreSQL 8.0.2 or later version as per reference.

CVE References

CVE-2005-0247

Other References

1