7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
0.085 Low
EPSS
Percentile
94.5%
Benkocs Norbert Attila discovered that PostgreSQL incorrectly handled
authentication timeouts. A remote attacker could use this flaw to cause the
unauthenticated session to crash, possibly leading to a security issue.
(CVE-2015-3165)
Noah Misch discovered that PostgreSQL incorrectly handled certain standard
library function return values, possibly leading to security issues.
(CVE-2015-3166)
Noah Misch discovered that the pgcrypto function could return different
error messages when decrypting using an incorrect key, possibly leading to
a security issue. (CVE-2015-3167)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 15.04 | noarch | postgresql-9.4 | < 9.4.2-0ubuntu0.15.04 | UNKNOWN |
Ubuntu | 15.04 | noarch | libecpg-compat3 | < 9.4.2-0ubuntu0.15.04 | UNKNOWN |
Ubuntu | 15.04 | noarch | libecpg-compat3-dbgsym | < 9.4.2-0ubuntu0.15.04 | UNKNOWN |
Ubuntu | 15.04 | noarch | libecpg-dev | < 9.4.2-0ubuntu0.15.04 | UNKNOWN |
Ubuntu | 15.04 | noarch | libecpg-dev-dbgsym | < 9.4.2-0ubuntu0.15.04 | UNKNOWN |
Ubuntu | 15.04 | noarch | libecpg6 | < 9.4.2-0ubuntu0.15.04 | UNKNOWN |
Ubuntu | 15.04 | noarch | libecpg6-dbgsym | < 9.4.2-0ubuntu0.15.04 | UNKNOWN |
Ubuntu | 15.04 | noarch | libpgtypes3 | < 9.4.2-0ubuntu0.15.04 | UNKNOWN |
Ubuntu | 15.04 | noarch | libpgtypes3-dbgsym | < 9.4.2-0ubuntu0.15.04 | UNKNOWN |
Ubuntu | 15.04 | noarch | libpq-dev | < 9.4.2-0ubuntu0.15.04 | UNKNOWN |
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9 High
AI Score
Confidence
High
0.085 Low
EPSS
Percentile
94.5%