VYPR
Unrated severityNVD Advisory· Published Aug 31, 2007· Updated Jun 16, 2026

CVE-2007-4639

CVE-2007-4639

Description

EnterpriseDB Advanced Server 8.2 does not properly handle certain debugging function calls that occur before a call to pldbg_create_listener, which allows remote authenticated users to cause a denial of service (daemon crash) and possibly execute arbitrary code via a SELECT statement that invokes a pldbg_ function, as demonstrated by (1) pldbg_get_stack and (2) pldbg_abort_target, which triggers use of an uninitialized pointer.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:a:enterprisedb:postgres_advanced_server:8.2:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:enterprisedb:postgres_advanced_server:8.2:*:*:*:*:*:*:*
    • (no CPE)range: 8.2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.