Multiple integer overflows in contrib/hstore/hstore_io.c in PostgreSQL 9.0.x prior to 9.0.16, 9.1.x prior to 9.1.12, 9.2.x prior to 9.2.7, and 9.3.x prior to 9.3.3 allow remote authenticated users to have unspecified impact via vectors related to the (1) hstore_recv, (2) hstore_from_arrays, and (3) hstore_from_array functions in contrib/hstore/hstore_io.c; and the (4) hstoreArrayToPairs function in contrib/hstore/hstore_op.c, which triggers a buffer overflow. NOTE: this issue was SPLIT from CVE-2014-0064 because it has a different set of affected versions.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
postgresql postgresql 9.0.11 |
||
postgresql postgresql 9.2.1 |
||
postgresql postgresql 9.1.4 |
||
postgresql postgresql 9.0.13 |
||
postgresql postgresql 9.3 |
||
postgresql postgresql 9.0.7 |
||
postgresql postgresql 9.0.6 |
||
postgresql postgresql 9.3.2 |
||
postgresql postgresql 9.1 |
||
postgresql postgresql 9.2.3 |
||
postgresql postgresql 9.0.10 |
||
postgresql postgresql 9.0.4 |
||
postgresql postgresql 9.1.9 |
||
postgresql postgresql 9.0.9 |
||
postgresql postgresql 9.1.5 |
||
postgresql postgresql 9.1.8 |
||
postgresql postgresql 9.2 |
||
postgresql postgresql 9.1.2 |
||
postgresql postgresql 9.1.6 |
||
postgresql postgresql 9.0.1 |
||
postgresql postgresql 9.2.4 |
||
postgresql postgresql 9.0.14 |
||
postgresql postgresql 9.1.7 |
||
postgresql postgresql 9.1.3 |
||
postgresql postgresql 9.0.3 |
||
postgresql postgresql 9.0 |
||
postgresql postgresql 9.3.1 |
||
postgresql postgresql 9.1.1 |
||
postgresql postgresql 9.0.2 |
||
postgresql postgresql 9.0.5 |
||
postgresql postgresql 9.0.12 |
||
postgresql postgresql 9.1.10 |
||
postgresql postgresql 9.0.15 |
||
postgresql postgresql 9.2.5 |
||
postgresql postgresql 9.1.11 |
||
postgresql postgresql 9.0.8 |
||
postgresql postgresql 9.2.2 |
Vulmon