CVE-2002-1399
PostgreSQL <= 7.2.1 - SQL Injection via Invalid Integer Input
Title source: llmDescription
Unknown vulnerability in cash_out and possibly other functions in PostgreSQL 7.2.1 and earlier, and possibly later versions before 7.2.3, with unknown impact, based on an invalid integer input which is processed as a different data type, as demonstrated using cash_out(2).
References (3)
Core 3
Core References
Various Sources x_refsource_misc
http://archives.postgresql.org/pgsql-hackers/2002-08/msg00713.php
Various Sources x_refsource_misc
http://archives.postgresql.org/pgsql-hackers/2002-08/msg00708.php
Mailing List mailing-list
x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=102978152712430&w=2
Scores
EPSS
0.0046
EPSS Percentile
64.2%
Details
Status
published
Products (9)
postgresql/postgresql
6.3.2
postgresql/postgresql
6.5.3
postgresql/postgresql
7.0.3
postgresql/postgresql
7.1
postgresql/postgresql
7.1.1
postgresql/postgresql
7.1.2
postgresql/postgresql
7.1.3
postgresql/postgresql
7.2
postgresql/postgresql
7.2.1
Published
Jan 17, 2003
Tracked Since
Feb 18, 2026