CVE-2014-0063

Name of the Vulnerable Software and Affected Versions PostgreSQL versions prior to 8.4.20 PostgreSQL versions 9.0.x prior to 9.0.16 PostgreSQL versions 9.1.x prior to 9.1.12 PostgreSQL versions 9.2.x prior to 9.2.7 PostgreSQL versions 9.3.x prior to 9.3.3

Description The issue is related to multiple stack-based buffer overflows that can be triggered by remote authenticated users. This can lead to a denial of service (crash) or possibly the execution of arbitrary code. The overflows are related to an incorrect MAXDATELEN constant and datetime values involving intervals, timestamps, or timezones.

Recommendations For versions prior to 8.4.20, update to version 8.4.20 or later. For versions 9.0.x prior to 9.0.16, update to version 9.0.16 or later. For versions 9.1.x prior to 9.1.12, update to version 9.1.12 or later. For versions 9.2.x prior to 9.2.7, update to version 9.2.7 or later. For versions 9.3.x prior to 9.3.3, update to version 9.3.3 or later.