PT-2007-2016 · PostgreSQL +1

Published: 2007-02-06 · Updated: 2018-10-16 · CVE-2007-0556

CVSS v2.0: 6.6 (Medium)

Vector: AV:N/AC:H/Au:S/C:C/I:N/A:C

Name of the Vulnerable Software and Affected Versions

PostgreSQL versions prior to 8.0.11
PostgreSQL versions prior to 8.1.7
PostgreSQL versions prior to 8.2.2

Description

The query planner does not verify that a table is still compatible with a previously made query plan. This allows remote authenticated users to potentially cause a denial of service (server crash) and access database content they should not have access to. The vulnerability can be exploited through an "ALTER COLUMN TYPE" SQL statement, which may enable reading arbitrary memory from the server.

Recommendations

For versions prior to 8.0.11, update to version 8.0.11 or later.
For versions prior to 8.1.7, update to version 8.1.7 or later.
For versions prior to 8.2.2, update to version 8.2.2 or later.

Fix

Related identifiers

CVE-2007-0556
RHSA-2007:0067
RHSA-2007:0068
RHSA-2007_0068

Affected products

PostgreSQL
Red Hat