CVE-2015-1352

The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate token extraction for table names, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*
cpe:2.3:a:php:php:*:*:*:*:*:*:*:*

Information

Published : 2015-03-30 03:59

Updated : 2022-11-04 19:10


NVD link : CVE-2015-1352

Mitre link : CVE-2015-1352


JSON object : View

Advertisement

dedicated server usa

Products Affected

apple

  • mac_os_x

php

  • php