CVE-2009-2943

Name of the Vulnerable Software and Affected Versions: postgresql-ocaml bindings versions 1.5.4, 1.7.0, and 1.12.1

Description: The issue is related to the improper support of the PQescapeStringConn function in the postgresql-ocaml bindings for PostgreSQL libpq. This might allow remote attackers to exploit escaping issues involving multibyte character encodings.

Recommendations: For version 1.5.4, update to a version that properly supports the PQescapeStringConn function. For version 1.7.0, update to a version that properly supports the PQescapeStringConn function. For version 1.12.1, update to a version that properly supports the PQescapeStringConn function.