6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
0.019 Low
EPSS
Percentile
88.5%
Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in
the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before
8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote
authenticated users to cause a denial of service (crash) and possibly
execute arbitrary code via integers with a large number of digits to
unspecified functions.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | postgresql-8.1 | < 8.1.23-0ubuntu0.6.06.1 | UNKNOWN |
ubuntu | 8.04 | noarch | postgresql-8.3 | < 8.3.14-0ubuntu8.04 | UNKNOWN |
ubuntu | 9.10 | noarch | postgresql-8.4 | < 8.4.7-0ubuntu0.9.10 | UNKNOWN |
ubuntu | 10.04 | noarch | postgresql-8.4 | < 8.4.7-0ubuntu0.10.04 | UNKNOWN |
ubuntu | 10.10 | noarch | postgresql-8.4 | < 8.4.7-0ubuntu0.10.10 | UNKNOWN |