CVE-2002-1397

Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 7.2

Description The issue concerns a problem in the cash words() function that can be exploited by local users to cause a denial of service and potentially execute arbitrary code. This is achieved by passing a large negative argument, which may trigger an integer signedness error or buffer overflow.

Recommendations For versions prior to 7.2, consider disabling the cash words() function as a temporary workaround until a patch is available. Restrict access to this function to minimize the risk of exploitation.