6.6

CVE-2007-0556

EPSS 2%
Published 06.02.2007 01:28:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

The query planner in PostgreSQL before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 does not verify that a table is compatible with a "previously made query plan," which allows remote authenticated users to cause a denial of service (server crash) and possibly access database content via an "ALTER COLUMN TYPE" SQL statement, which can be leveraged to read arbitrary memory from the server.

Affected products Warnungen 0 Metrics 2 CWE 0 References 37

Data is provided by the National Vulnerability Database (NVD)

Postgresql ≫ Postgresql Version1.0

Postgresql ≫ Postgresql Version1.01

Postgresql ≫ Postgresql Version1.02

Postgresql ≫ Postgresql Version1.09

Postgresql ≫ Postgresql Version6.0

Postgresql ≫ Postgresql Version6.1

Postgresql ≫ Postgresql Version6.1.1

Postgresql ≫ Postgresql Version6.2

Postgresql ≫ Postgresql Version6.2.1

Postgresql ≫ Postgresql Version6.3

Postgresql ≫ Postgresql Version6.3.1

Postgresql ≫ Postgresql Version6.3.2

Postgresql ≫ Postgresql Version6.4

Postgresql ≫ Postgresql Version6.4.1

Postgresql ≫ Postgresql Version6.4.2

Postgresql ≫ Postgresql Version6.5

Postgresql ≫ Postgresql Version6.5.1

Postgresql ≫ Postgresql Version6.5.2

Postgresql ≫ Postgresql Version6.5.3

Postgresql ≫ Postgresql Version7.0

Postgresql ≫ Postgresql Version7.0.1

Postgresql ≫ Postgresql Version7.0.2

Postgresql ≫ Postgresql Version7.0.3

Postgresql ≫ Postgresql Version7.1

Postgresql ≫ Postgresql Version7.1.1

Postgresql ≫ Postgresql Version7.1.2

Postgresql ≫ Postgresql Version7.1.3

Postgresql ≫ Postgresql Version7.2

Postgresql ≫ Postgresql Version7.2.1

Postgresql ≫ Postgresql Version7.2.2

Postgresql ≫ Postgresql Version7.2.3

Postgresql ≫ Postgresql Version7.2.4

Postgresql ≫ Postgresql Version7.2.5

Postgresql ≫ Postgresql Version7.2.6

Postgresql ≫ Postgresql Version7.2.7

Postgresql ≫ Postgresql Version7.2.8

Postgresql ≫ Postgresql Version7.3

Postgresql ≫ Postgresql Version7.3.1

Postgresql ≫ Postgresql Version7.3.2

Postgresql ≫ Postgresql Version7.3.3

Postgresql ≫ Postgresql Version7.3.4

Postgresql ≫ Postgresql Version7.3.5

Postgresql ≫ Postgresql Version7.3.6

Postgresql ≫ Postgresql Version7.3.7

Postgresql ≫ Postgresql Version7.3.8

Postgresql ≫ Postgresql Version7.3.9

Postgresql ≫ Postgresql Version7.3.10

Postgresql ≫ Postgresql Version7.3.11

Postgresql ≫ Postgresql Version7.3.12

Postgresql ≫ Postgresql Version7.3.13

Postgresql ≫ Postgresql Version7.3.14

Postgresql ≫ Postgresql Version7.3.15

Postgresql ≫ Postgresql Version7.3.16

Postgresql ≫ Postgresql Version7.3.17

Postgresql ≫ Postgresql Version7.3.18

Postgresql ≫ Postgresql Version7.4

Postgresql ≫ Postgresql Version7.4.1

Postgresql ≫ Postgresql Version7.4.2

Postgresql ≫ Postgresql Version7.4.3

Postgresql ≫ Postgresql Version7.4.4

Postgresql ≫ Postgresql Version7.4.5

Postgresql ≫ Postgresql Version7.4.6

Postgresql ≫ Postgresql Version7.4.7

Postgresql ≫ Postgresql Version7.4.8

Postgresql ≫ Postgresql Version7.4.9

Postgresql ≫ Postgresql Version7.4.10

Postgresql ≫ Postgresql Version7.4.11

Postgresql ≫ Postgresql Version7.4.12

Postgresql ≫ Postgresql Version7.4.13

Postgresql ≫ Postgresql Version7.4.14

Postgresql ≫ Postgresql Version7.4.15

Postgresql ≫ Postgresql Version7.4.16

Postgresql ≫ Postgresql Version8.0

Postgresql ≫ Postgresql Version8.0.1

Postgresql ≫ Postgresql Version8.0.2

Postgresql ≫ Postgresql Version8.0.3

Postgresql ≫ Postgresql Version8.0.4

Postgresql ≫ Postgresql Version8.0.5

Postgresql ≫ Postgresql Version8.0.6

Postgresql ≫ Postgresql Version8.0.7

Postgresql ≫ Postgresql Version8.0.8

Postgresql ≫ Postgresql Version8.0.9

Postgresql ≫ Postgresql Version8.0.10

Postgresql ≫ Postgresql Version8.1

Postgresql ≫ Postgresql Version8.1.1

Postgresql ≫ Postgresql Version8.1.2

Postgresql ≫ Postgresql Version8.1.3

Postgresql ≫ Postgresql Version8.1.4

Postgresql ≫ Postgresql Version8.1.5

Postgresql ≫ Postgresql Version8.1.6

Postgresql ≫ Postgresql Version8.2

Postgresql ≫ Postgresql Version8.2.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	2%	0.83

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.6	3.9	9.2	AV:N/AC:H/Au:S/C:C/I:N/A:C

http://secunia.com/advisories/24577

http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm

http://www.redhat.com/support/errata/RHSA-2007-0067.html

http://www.redhat.com/support/errata/RHSA-2007-0068.html

http://secunia.com/advisories/24151

http://www.trustix.org/errata/2007/0007

http://fedoranews.org/cms/node/2554

http://lists.rpath.com/pipermail/security-announce/2007-February/000141.html

http://secunia.com/advisories/24028

http://secunia.com/advisories/24033

Vendor Advisory

http://secunia.com/advisories/24042

http://secunia.com/advisories/24050

http://secunia.com/advisories/24057

http://secunia.com/advisories/24315

http://secunia.com/advisories/24513

http://secunia.com/advisories/25220

http://security.gentoo.org/glsa/glsa-200703-15.xml

http://securitytracker.com/id?1017597

http://sunsolve.sun.com/search/document.do?assetkey=1-26-102825-1

http://www.mandriva.com/security/advisories?name=MDKSA-2007:037

http://www.novell.com/linux/security/advisories/2007_10_sr.html

http://www.postgresql.org/support/security

http://www.securityfocus.com/archive/1/459280/100/0/threaded

http://www.securityfocus.com/archive/1/459448/100/0/threaded

http://www.securityfocus.com/bid/22387

http://www.ubuntu.com/usn/usn-417-2

http://www.vupen.com/english/advisories/2007/0478

http://www.vupen.com/english/advisories/2007/0774

https://issues.rpath.com/browse/RPL-1025

https://issues.rpath.com/browse/RPL-830

https://usn.ubuntu.com/417-1/

http://osvdb.org/33302

https://exchange.xforce.ibmcloud.com/vulnerabilities/32191

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11353

https://nvd.nist.gov/vuln/detail/CVE-2007-0556

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-0556

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-0556

EUVD