CVE-2010-0733

Name of the Vulnerable Software and Affected Versions PostgreSQL versions 8.4.1 and earlier PostgreSQL versions 8.5 through 8.5alpha2

Description The issue is related to an integer overflow in the src/backend/executor/nodeHash.c file, which can be exploited by remote authenticated users to cause a denial of service, resulting in a daemon crash. This can be achieved by executing a SELECT statement with many LEFT JOIN clauses, affecting certain hashtable size calculations.

Recommendations For PostgreSQL versions 8.4.1 and earlier, update to a version later than 8.4.1 to resolve the issue. For PostgreSQL versions 8.5 through 8.5alpha2, update to a version later than 8.5alpha2 to resolve the issue.