Vulnerability Details CVE-2002-0802
The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding consumes an extra character when processing a character that cannot be converted, which could remove an escape character from the query and make the application subject to SQL injection attacks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 58.3%
CVSS Severity
CVSS v2 Score 7.5
References
- http://marc.info/?l=postgresql-general&m=102032794322362
- http://www.iss.net/security_center/static/10328.php
- http://www.redhat.com/support/errata/RHSA-2002-149.html
- http://marc.info/?l=postgresql-general&m=102032794322362
- http://www.iss.net/security_center/static/10328.php
- http://www.redhat.com/support/errata/RHSA-2002-149.html
Products affected by CVE-2002-0802
-
cpe:2.3:a:postgresql:postgresql:6.5.0