PT-2002-1017 · Postgresql · Ecpg+1

Published: 2002-08-23 · Updated: 2016-10-18 · CVE-2002-0972

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

PostgreSQL version 7.2
ecpg (affected versions not specified)

Description

The issue involves buffer overflows in PostgreSQL, potentially allowing attackers to cause a denial of service or execute arbitrary code by providing long arguments to functions such as lpad or rpad. Additionally, there are multiple vulnerabilities in the ecpg package that can lead to breaches of confidentiality, integrity, and availability of protected information, with the possibility of remote exploitation.

Recommendations

For PostgreSQL version 7.2, consider restricting the use of the lpad and rpad functions until a patch is available. For ecpg, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

BDU:2015-03115
CVE-2002-0972
DSA-165

Affected Products

Postgresql
Ecpg