FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2014-0064

This CVE name corresponds to:

Entered Topic
2014-02-20 PostgreSQL -- multiple privilege issues

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2014-0064
Phase Assigned(20131203)

Description

Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.

References

Source Reference
CONFIRM http://wiki.postgresql.org/wiki/20140220securityrelease
CONFIRM http://www.postgresql.org/about/news/1506/
CONFIRM http://www.postgresql.org/support/security/
CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1065230
CONFIRM https://github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a
CONFIRM http://support.apple.com/kb/HT6448
CONFIRM https://support.apple.com/kb/HT6536
APPLE APPLE-SA-2014-10-16-3
DEBIAN DSA-2864
DEBIAN DSA-2865
REDHAT RHSA-2014:0469