Security Advisory

CVE-2015-1352

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-03-30 10:00:00

Last updated 2024-08-06 04:40:18

Assigner mitre

State PUBLISHED

Description

The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate token extraction for table names, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name.

← Browse all CVEs View on cve.org ↗