6.8

CVE-2007-4769

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
PostgresqlPostgresql Version7.3
PostgresqlPostgresql Version7.3.1
PostgresqlPostgresql Version7.3.2
PostgresqlPostgresql Version7.3.3
PostgresqlPostgresql Version7.3.4
PostgresqlPostgresql Version7.3.6
PostgresqlPostgresql Version7.3.8
PostgresqlPostgresql Version7.3.9
PostgresqlPostgresql Version7.3.10
PostgresqlPostgresql Version7.3.11
PostgresqlPostgresql Version7.3.12
PostgresqlPostgresql Version7.3.13
PostgresqlPostgresql Version7.3.14
PostgresqlPostgresql Version7.3.15
PostgresqlPostgresql Version7.3.16
PostgresqlPostgresql Version7.3.19
PostgresqlPostgresql Version7.4
PostgresqlPostgresql Version7.4.1
PostgresqlPostgresql Version7.4.2
PostgresqlPostgresql Version7.4.3
PostgresqlPostgresql Version7.4.4
PostgresqlPostgresql Version7.4.5
PostgresqlPostgresql Version7.4.6
PostgresqlPostgresql Version7.4.7
PostgresqlPostgresql Version7.4.8
PostgresqlPostgresql Version7.4.9
PostgresqlPostgresql Version7.4.10
PostgresqlPostgresql Version7.4.11
PostgresqlPostgresql Version7.4.12
PostgresqlPostgresql Version7.4.13
PostgresqlPostgresql Version7.4.14
PostgresqlPostgresql Version7.4.16
PostgresqlPostgresql Version7.4.17
PostgresqlPostgresql Version8.0
PostgresqlPostgresql Version8.0.1
PostgresqlPostgresql Version8.0.2
PostgresqlPostgresql Version8.0.3
PostgresqlPostgresql Version8.0.4
PostgresqlPostgresql Version8.0.5
PostgresqlPostgresql Version8.0.7
PostgresqlPostgresql Version8.0.8
PostgresqlPostgresql Version8.0.9
PostgresqlPostgresql Version8.0.11
PostgresqlPostgresql Version8.0.13
PostgresqlPostgresql Version8.0.317
PostgresqlPostgresql Version8.1.1
PostgresqlPostgresql Version8.1.3
PostgresqlPostgresql Version8.1.4
PostgresqlPostgresql Version8.1.5
PostgresqlPostgresql Version8.1.7
PostgresqlPostgresql Version8.1.8
PostgresqlPostgresql Version8.1.9
PostgresqlPostgresql Version8.2
PostgresqlPostgresql Version8.2.2
PostgresqlPostgresql Version8.2.3
PostgresqlPostgresql Version8.2.4
Tcl TkTcl Tk Version <= 8.4.16
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.64% 0.881
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.8 8 6.9
AV:N/AC:L/Au:S/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
http://secunia.com/advisories/28376
Vendor Advisory
http://secunia.com/advisories/28437
Vendor Advisory
http://secunia.com/advisories/28438
Vendor Advisory
http://secunia.com/advisories/28454
Vendor Advisory
http://secunia.com/advisories/28477
http://secunia.com/advisories/28479
Vendor Advisory
http://secunia.com/advisories/28679
Vendor Advisory
http://secunia.com/advisories/29638
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200801-15.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1
http://www.debian.org/security/2008/dsa-1460
http://www.debian.org/security/2008/dsa-1463
http://www.redhat.com/support/errata/RHSA-2008-0038.html
http://www.redhat.com/support/errata/RHSA-2008-0040.html
http://www.vupen.com/english/advisories/2008/0109
Vendor Advisory
http://www.vupen.com/english/advisories/2008/1071/references
https://usn.ubuntu.com/568-1/
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
http://secunia.com/advisories/28359
Vendor Advisory
http://secunia.com/advisories/28455
Vendor Advisory
http://secunia.com/advisories/28464
Vendor Advisory
http://secunia.com/advisories/28698
Vendor Advisory
http://securitytracker.com/id?1019157
http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894
http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894
http://www.mandriva.com/security/advisories?name=MDVSA-2008:004
http://www.postgresql.org/about/news.905
http://www.securityfocus.com/archive/1/485864/100/0/threaded
http://www.securityfocus.com/archive/1/486407/100/0/threaded
http://www.securityfocus.com/bid/27163
Patch
http://www.vupen.com/english/advisories/2008/0061
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/39499
https://issues.rpath.com/browse/RPL-1768
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9804
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html