CVE - CVE-2006-2313

CVE-ID
CVE-2006-2313	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection."
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:18092 URL:http://www.securityfocus.com/bid/18092 BUGTRAQ:20060523 PostgreSQL security releases 8.1.4, 8.0.8, 7.4.13, 7.3.15 URL:http://www.securityfocus.com/archive/1/435038/100/0/threaded BUGTRAQ:20060524 rPSA-2006-0080-1 postgresql postgresql-server URL:http://www.securityfocus.com/archive/1/435161/100/0/threaded CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2006-113.htm CONFIRM:http://www.postgresql.org/docs/techdocs.50 DEBIAN:DSA-1087 URL:http://www.debian.org/security/2006/dsa-1087 GENTOO:GLSA-200607-04 URL:http://security.gentoo.org/glsa/glsa-200607-04.xml MANDRIVA:MDKSA-2006:098 URL:~~http://www.mandriva.com/security/advisories?name=MDKSA-2006:098~~ (Obsolete source) MLIST:[pgsql-announce] 20060523 Security Releases for All Active Versions URL:http://archives.postgresql.org/pgsql-announce/2006-05/msg00010.php OVAL:oval:org.mitre.oval:def:10618 URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10618 REDHAT:RHSA-2006:0526 URL:http://www.redhat.com/support/errata/RHSA-2006-0526.html SECTRACK:1016142 URL:http://securitytracker.com/id?1016142 SECUNIA:20231 URL:http://secunia.com/advisories/20231 SECUNIA:20232 URL:http://secunia.com/advisories/20232 SECUNIA:20314 URL:http://secunia.com/advisories/20314 SECUNIA:20435 URL:http://secunia.com/advisories/20435 SECUNIA:20451 URL:http://secunia.com/advisories/20451 SECUNIA:20503 URL:http://secunia.com/advisories/20503 SECUNIA:20555 URL:http://secunia.com/advisories/20555 SECUNIA:20653 URL:http://secunia.com/advisories/20653 SECUNIA:20782 URL:http://secunia.com/advisories/20782 SECUNIA:21001 URL:http://secunia.com/advisories/21001 SGI:20060602-01-U URL:ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc SUSE:SUSE-SA:2006:030 URL:http://lists.suse.com/archive/suse-security-announce/2006-Jun/0002.html TRUSTIX:2006-0032 URL:~~http://www.trustix.org/errata/2006/0032/~~ (Obsolete source - check if archived by the Wayback Machine) UBUNTU:USN-288-1 URL:https://usn.ubuntu.com/288-1/ UBUNTU:USN-288-2 URL:http://www.ubuntu.com/usn/usn-288-2 VUPEN:ADV-2006-1941 URL:~~http://www.vupen.com/english/advisories/2006/1941~~ (Obsolete source) XF:postgresql-multibyte-sql-injection(26627) URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/26627
Assigning CNA
MITRE Corporation
Date Record Created
20060511	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20060511)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)