CVE-2005-0247

Name of the Vulnerable Software and Affected Versions PostgreSQL versions 8.0.1 and earlier

Description The issue is related to multiple buffer overflows in the gram.y file for PostgreSQL, which may allow attackers to execute arbitrary code. This can occur through various means, including a large number of variables in a SQL statement handled by the read sql construct function, a large number of INTO variables in a SELECT statement handled by the make select stmt function, a large number of arbitrary variables in a SELECT statement handled by the make select stmt function, and a large number of INTO variables in a FETCH statement handled by the make fetch stmt function. A valid login is required to exploit this issue.

Recommendations For PostgreSQL versions 8.0.1 and earlier, at the moment, there is no information about a newer version that contains a fix for this issue.