Intrusion Prevention

PostgreSQL.Database.Geo.Ops.Path.In.Integer.Overflow

Description

This indicates an attack attempt against a Stack Buffer Overflow vulnerability in PostgreSQL database server.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling a crafted request. A remote attacker may be able to exploit this to execute arbitrary code within the context of the application, via a crafted request to the vulnerable service.

Affected Products

PostgreSQL PostgreSQL 8.4
PostgreSQL PostgreSQL 9.0
PostgreSQL PostgreSQL 9.1
PostgreSQL PostgreSQL 9.2
PostgreSQL PostgreSQL 9.3

Impact

System Compromise: Remote attackers can execute arbitrary code in the context of the affected application.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a

CVE References

CVE-2014-0064