CVE-2014-0064
Description
Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.
Risk Information
Base Score
10.0
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS Score
Exploitation Probability
6.674
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in Postgresql 9.3.2 | Windows |
| Multiple vulnerabilities are fixed in PostgreSQL 9.3.3 | Windows |
| Multiple vulnerabilities are fixed in PostgreSQL 9.2.7 | Windows |
| Multiple vulnerabilities are fixed in PostgreSQL 9.1.12 | Windows |
| Multiple vulnerabilities are fixed in PostgreSQL 9.0.16 | Windows |
| Multiple vulnerabilities are fixed in PostgreSQL 8.4.20 | Windows |
| Multiple Vulnerabilities are affected in Postgresql 9.3.2 (For Linux) | Linux |
| Multiple vulnerabilities are fixed in PostgreSQL 9.3.3 (For Linux) | Linux |
| Multiple vulnerabilities are fixed in PostgreSQL 9.2.7 (For Linux) | Linux |
| Multiple vulnerabilities are fixed in PostgreSQL 9.1.12 (For Linux) | Linux |
| Multiple vulnerabilities are fixed in PostgreSQL 9.0.16 (For Linux) | Linux |
| Multiple vulnerabilities are fixed in PostgreSQL 8.4.20 (For Linux) | Linux |
| CVE-2014-0064 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234