CVE-2014-0064

Publication date 21 February 2014

Last updated 4 August 2025

Ubuntu priority

Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow. NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
postgresql-8.4	14.10 utopic	Not in release
	14.04 LTS trusty	Not in release
	13.10 saucy	Not in release
	12.10 quantal	Not in release
	12.04 LTS precise	Fixed 8.4.22-0ubuntu0.12.04
	10.04 LTS lucid	Fixed 8.4.20-0ubuntu010.04
postgresql-9.1	14.10 utopic	Not in release
	14.04 LTS trusty	Fixed 9.1.12-1
	13.10 saucy	Fixed 9.1.12-0ubuntu0.13.10
	12.10 quantal	Fixed 9.1.12-0ubuntu0.12.10
	12.04 LTS precise	Fixed 9.1.12-0ubuntu0.12.04
	10.04 LTS lucid	Not in release
postgresql-9.3	14.10 utopic	Not in release
	14.04 LTS trusty	Fixed 9.3.3-1
	13.10 saucy	Not in release
	12.10 quantal	Not in release
	12.04 LTS precise	Not in release
	10.04 LTS lucid	Not in release

References

Related Ubuntu Security Notices (USN)

USN-2120-1
PostgreSQL vulnerabilities
24 February 2014

CVE-2014-0064

Status

References

Related Ubuntu Security Notices (USN)

Other references