- Description
- The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate token extraction for table names, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
- Hype score
- Not currently trending
- Comment
- <a href="http://cwe.mitre.org/data/definitions/476.html" rel="nofollow">CWE-476: NULL Pointer Dereference</a>
- Impact
- -
- Solution
- -
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0C5FF5EF-B5D2-4BFE-8C0E-DF1F99F3989D",
"versionEndIncluding": "10.10.5"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "39F64967-7694-470A-9C03-504E1C360A76",
"versionEndExcluding": "5.4.40"
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F6E112B5-6A62-4E38-88D4-8470B4EBCE18",
"versionEndExcluding": "5.5.24",
"versionStartIncluding": "5.5.0"
},
{
"criteria": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2B4403AA-3B8D-4867-B5C6-0A54AD73D439",
"versionEndExcluding": "5.6.8",
"versionStartIncluding": "5.6.0"
}
],
"operator": "OR"
}
]
}
]