[原文]Unknown vulnerability in cash_out and possibly other functions in PostgreSQL 7.2.1 and earlier, and possibly later versions before 7.2.3, with unknown impact, based on an invalid integer input which is processed as a different data type, as demonstrated using cash_out(2).
PostgreSQL Multiple Function Invalid Integer Input DoS
Local Access Required
Denial of Service,
Loss of Availability
A local overflow exists in PostgreSQL. Multiple functions can receive a non-pointer integer that cannot be dereferenced resulting in an overflow. With a specially crafted request, an attacker can cause a segmentation fault and crash the service resulting in a loss of availability.
Currently, there are no known upgrades, patches, or workarounds available to correct this issue.