CVE-2015-1352

The build_tablename function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP through 5.6.7 does not validate token extraction for table names, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name.

Published : 2015-03-30 10:59 Updated : 2019-10-09 23:13

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Php Php 5.6.7 cpe:/a:php:php:5.6.7
Apple Mac Os X 10.10.5 cpe:/o:apple:mac_os_x:10.10.5
  1. Php (1) Search CVE
    1. Php (1) Search CVE
      1. 5.6.7
  2. Apple (1) Search CVE
    1. Mac Os X (1) Search CVE
      1. 10.10.5

CWE

There is no CWE for this CVE.