HP Security Bulletin HPSBMU02781 SSRT100617 2 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running PostgreSQL. The vulnerabilities could be remotely exploited resulting in execution of arbitrary code and Denial of Service (DoS). Revision 2 of this advisory.
969977237cbe019bfcfe019ff2785e5a2cd29b36bd1679c3d115100fcd8f2197
HP Security Bulletin HPSBMU02781 SSRT100617 - Potential security vulnerabilities have been identified with HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running PostgreSQL. The vulnerabilities could be remotely exploited resulting in execution of arbitrary code and Denial of Service (DoS) . Revision 1 of this advisory.
b85e8b8a8b2b6709cb17786ee687f79c84cb868d3e8d7908aac5a6e2bead0467
Gentoo Linux Security Advisory 201110-22 - Multiple vulnerabilities in the PostgreSQL server and client allow remote attackers to conduct several attacks, including the execution of arbitrary code and denial of service. Versions less than or equal to 9 are affected.
82243da3aec06c210e0496833735c49ccf39afb961407ead00319a66417c0cd7
Mandriva Linux Security Advisory 2011-021 - Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via integers with a large number of digits to unspecified functions.
ae730be155787f04cc8e64b17e00deb20b930df75ebed07e700085d13b9802e2
Ubuntu Security Notice 1058-1 - Geoff Keating reported that a buffer overflow exists in the intarray module's input function for the query_int type. This could allow an attacker to cause a denial of service or possibly execute arbitrary code as the postgres user.
1ecb13ec368acb58d5eeddec7b9324ef46d5faf2653e8c9b20252e2b42468c10
Debian Linux Security Advisory 2157-1 - It was discovered that PostgreSQL's intarray contrib module does not properly handle integers with a large number of digits, leading to a server crash and potentially arbitrary code execution.
0805288cbab6faae214f58712edd9593ea0b1d674e40916709469f1f343a0b55