PT-2009-3871 · Perl+1 · Dbd::Pg+1

Published

2009-04-30

·

Updated

2017-09-29

·

CVE-2009-1341

CVSS v2.0

5.0

Medium

VectorAV:N/AC:L/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions DBD::Pg versions prior to 2.0.0
Description The issue is related to a memory leak in the dequote bytea function, which can be exploited by context-dependent attackers to cause a denial of service through excessive memory consumption. This can be achieved by fetching data that includes BYTEA columns.
Recommendations For versions prior to 2.0.0, update to version 2.0.0 or later to resolve the issue.

Fix

DoS

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2009-1341
DSA-1780-1
RHSA-2009:0479
RHSA-2009:1067
RHSA-2009_0479

Affected Products

Dbd::Pg
Red Hat