Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2015-4644
Description:The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352.
Test IDs: 1.3.6.1.4.1.25623.1.0.850662   1.3.6.1.4.1.25623.1.0.703344   1.3.6.1.4.1.25623.1.0.850783   1.3.6.1.4.1.25623.1.1.4.2015.1253.2   1.3.6.1.4.1.25623.1.1.4.2015.1265.1   1.3.6.1.4.1.25623.1.1.4.2015.1253.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2015-4644
BugTraq ID: 75292
http://www.securityfocus.com/bid/75292
Debian Security Information: DSA-3344 (Google Search)
http://www.debian.org/security/2015/dsa-3344
https://security.gentoo.org/glsa/201606-10
http://openwall.com/lists/oss-security/2015/06/18/6
RedHat Security Advisories: RHSA-2015:1186
http://rhn.redhat.com/errata/RHSA-2015-1186.html
RedHat Security Advisories: RHSA-2015:1187
http://rhn.redhat.com/errata/RHSA-2015-1187.html
http://www.securitytracker.com/id/1032709




© 1998-2024 E-Soft Inc. All rights reserved.