Published: 30/04/2009 Updated: 29/09/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Memory leak in the dequote_bytea function in quote.c in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module prior to 2.0.0 for Perl allows context-dependent malicious users to cause a denial of service (memory consumption) by fetching data with BYTEA columns.

Vulnerable Product	Search on Vulmon	Subscribe to Product
debian libdbd-pg-perl 1.4.8
debian libdbd-pg-perl 1.2.1
debian libdbd-pg-perl 1.2.0
debian libdbd-pg-perl 0.91
debian libdbd-pg-perl 1.3.2
debian libdbd-pg-perl 1.2.2
debian libdbd-pg-perl 0.95
debian libdbd-pg-perl 0.93
debian libdbd-pg-perl 0.83
debian libdbd-pg-perl 0.82
debian libdbd-pg-perl 0.69
debian libdbd-pg-perl 0.68
debian libdbd-pg-perl 0.61
debian libdbd-pg-perl 0.52
debian libdbd-pg-perl 1.4.3
debian libdbd-pg-perl 1.4.0
debian libdbd-pg-perl 0.94
debian libdbd-pg-perl 0.89
debian libdbd-pg-perl 1.4.7
debian libdbd-pg-perl 1.4.6
debian libdbd-pg-perl 1.0.0
debian libdbd-pg-perl 0.99
debian libdbd-pg-perl 0.88
debian libdbd-pg-perl 0.87
debian libdbd-pg-perl 0.73
debian libdbd-pg-perl 0.72
debian libdbd-pg-perl 0.65
debian libdbd-pg-perl 0.64
debian libdbd-pg-perl 0.4
debian libdbd-pg-perl 0.3
debian libdbd-pg-perl 0.98
debian libdbd-pg-perl 0.92
debian libdbd-pg-perl 0.90
debian libdbd-pg-perl 0.81
debian libdbd-pg-perl 0.80
debian libdbd-pg-perl 0.67
debian libdbd-pg-perl 0.66
debian libdbd-pg-perl 0.51
debian libdbd-pg-perl 0.5
debian libdbd-pg-perl 1.3.1
debian libdbd-pg-perl 1.0.1
debian libdbd-pg-perl 1.4.2
debian libdbd-pg-perl 1.4.1
debian libdbd-pg-perl 0.97
debian libdbd-pg-perl 0.96
debian libdbd-pg-perl 0.86
debian libdbd-pg-perl 0.85
debian libdbd-pg-perl 0.84
debian libdbd-pg-perl 0.71
debian libdbd-pg-perl 0.70
debian libdbd-pg-perl 0.63
debian libdbd-pg-perl 0.62
debian libdbd-pg-perl 0.2
debian libdbd-pg-perl 0.1
debian libdbd-pg-perl
debian libdbd-pg-perl 1.4.4
debian libdbd-pg-perl 1.4.5

Synopsis Moderate: perl-DBD-Pg security update Type/Severity Security Advisory: Moderate Topic An updated perl-DBD-Pg package that fixes two security issues is nowavailable for Red Hat Enterprise Linux 5This update has been rated as having moderate security impact by the RedHat Security Response Team ...

Two vulnerabilities have been discovered in libdbd-pg-perl, the DBI driver module for PostgreSQL database access (DBD::Pg) CVE-2009-0663 A heap-based buffer overflow may allow attackers to execute arbitrary code through applications which read rows from the database using the pg_getline and getline functions (More common retrieval methods, ...

CWE-200 http://rt.cpan.org/Public/Bug/Display.html?id=21392 https://launchpad.net/bugs/cve/2009-1341 http://security.debian.org/pool/updates/main/libd/libdbd-pg-perl/libdbd-pg-perl_1.49-2+etch1.diff.gz http://www.debian.org/security/2009/dsa-1780 http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.13.1/Changes http://secunia.com/advisories/34909 http://www.securityfocus.com/bid/34757 http://www.redhat.com/support/errata/RHSA-2009-0479.html http://secunia.com/advisories/35058 http://www.redhat.com/support/errata/RHSA-2009-1067.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/35685 https://exchange.xforce.ibmcloud.com/vulnerabilities/50387 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9680 https://access.redhat.com/errata/RHSA-2009:0479 https://nvd.nist.gov https://www.debian.org/security/./dsa-1780

CVE-2009-1341

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect