CVE-2005-1409 Information

Description

PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions which allows unprivileged users to call those functions with malicious values with unknown impact aka the \Character conversion vulnerability.\

Reference

http://archives.postgresql.org/pgsql-announce/2005-05/msg00001.php http://www.novell.com/linux/security/advisories/2005_36_sudo.html http://www.postgresql.org/about/news.315 http://www.redhat.com/support/errata/RHSA-2005-433.html http://www.securityfocus.com/archive/1/426302/30/6680/threaded http://www.securityfocus.com/bid/13476 http://www.vupen.com/english/advisories/2005/0453 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A10050 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A676