PostgreSQL libpq Vulnerability in OCaml Bindings by INRIA
CVE-2009-2943

Currently unrated

Key Information:

Vendor: Ocaml
Status: Postgresql-ocaml
Vendor: CVE Published:; 22 October 2009

What is CVE-2009-2943?

The PostgreSQL libpq OCaml bindings versions 1.5.4, 1.7.0, and 1.12.1 contain vulnerabilities related to the PQescapeStringConn function. These vulnerabilities stem from improper handling of multibyte character encodings, which can potentially allow remote attackers to exploit these issues for malicious purposes. Attackers leveraging this flaw may gain unauthorized access or manipulate data, raising significant security concerns for applications utilizing these bindings.

References

http://secunia.com/advisories/37048

third-party-advisoryx_refsource_SECUNIA

http://www.debian.org/security/2009/dsa-1909

vendor-advisoryx_refsource_DEBIAN

http://www.osvdb.org/59029

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
Vulnerability published
Oct 22, 2009

CVE-2009-2943 Data

JSON

Ocaml

What is CVE-2009-2943?

References

Timeline