CVE-2005-0227
4.3 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
6.4 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.3%
PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| postgresql:postgresql | postgresql | lt | 7.3.9 |
| postgresql:postgresql | postgresql | lt | 7.4.7 |
| postgresql:postgresql | postgresql | lt | 8.0.1 |
References
archives.postgresql.org/pgsql-announce/2005-02/msg00000.php
archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php
marc.info/?l=bugtraq&m=110726899107148&w=2
secunia.com/advisories/12948
security.gentoo.org/glsa/glsa-200502-08.xml
www.debian.org/security/2005/dsa-668
www.mandriva.com/security/advisories?name=MDKSA-2005:040
www.novell.com/linux/security/advisories/2005_36_sudo.html
www.redhat.com/support/errata/RHSA-2005-138.html
www.redhat.com/support/errata/RHSA-2005-150.html
www.securityfocus.com/bid/12411
www.trustix.org/errata/2005/0003/
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10234
Related
4.3 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:S/C:P/I:P/A:P
6.4 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
10.3%