CVE-2014-0064

Name of the Vulnerable Software and Affected Versions PostgreSQL versions 8.4.0 through 8.4.19 PostgreSQL versions 9.0.0 through 9.0.15 PostgreSQL versions 9.1.0 through 9.1.11 PostgreSQL versions 9.2.0 through 9.2.6 PostgreSQL versions 9.3.0 through 9.3.2

Description The issue is caused by multiple integer overflows in the path in and other unspecified functions, which allow remote authenticated users to trigger a buffer overflow, resulting in unspecified impact and attack vectors. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations For PostgreSQL versions 8.4.0 through 8.4.19, update to version 8.4.20 or later. For PostgreSQL versions 9.0.0 through 9.0.15, update to version 9.0.16 or later. For PostgreSQL versions 9.1.0 through 9.1.11, update to version 9.1.12 or later. For PostgreSQL versions 9.2.0 through 9.2.6, update to version 9.2.7 or later. For PostgreSQL versions 9.3.0 through 9.3.2, update to version 9.3.3 or later.