CVE-2006-2313

Published: 24 May 2006

PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection."

Priority

Unknown

Status

Package Release Status
postgresql
Launchpad, Ubuntu, Debian
Upstream Needs triage

postgresql-7.4
Launchpad, Ubuntu, Debian
Upstream Needs triage

postgresql-8.1
Launchpad, Ubuntu, Debian
Upstream Needs triage

postgresql-8.2
Launchpad, Ubuntu, Debian
Upstream Needs triage