6.5

CVE-2014-0064

EPSS 12.67%
Published 31.03.2014 14:58:15
Last modified 12.04.2025 10:46:40
Source secalert@redhat.com
Teams watchlist Login
Open Login

Multiple integer overflows in the path_in and other unspecified functions in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, which trigger a buffer overflow.  NOTE: this identifier has been SPLIT due to different affected versions; use CVE-2014-2669 for the hstore vector.

Affected products Warnungen 0 Metrics 2 CWE 0 References 24

Data is provided by the National Vulnerability Database (NVD)

Postgresql ≫ Postgresql Version <= 8.4.19

Postgresql ≫ Postgresql Version8.4.1

Postgresql ≫ Postgresql Version8.4.2

Postgresql ≫ Postgresql Version8.4.3

Postgresql ≫ Postgresql Version8.4.4

Postgresql ≫ Postgresql Version8.4.5

Postgresql ≫ Postgresql Version8.4.6

Postgresql ≫ Postgresql Version8.4.7

Postgresql ≫ Postgresql Version8.4.8

Postgresql ≫ Postgresql Version8.4.9

Postgresql ≫ Postgresql Version8.4.10

Postgresql ≫ Postgresql Version8.4.11

Postgresql ≫ Postgresql Version8.4.12

Postgresql ≫ Postgresql Version8.4.13

Postgresql ≫ Postgresql Version8.4.14

Postgresql ≫ Postgresql Version8.4.15

Postgresql ≫ Postgresql Version8.4.16

Postgresql ≫ Postgresql Version8.4.17

Postgresql ≫ Postgresql Version8.4.18

Postgresql ≫ Postgresql Version9.0

Postgresql ≫ Postgresql Version9.0.1

Postgresql ≫ Postgresql Version9.0.2

Postgresql ≫ Postgresql Version9.0.3

Postgresql ≫ Postgresql Version9.0.4

Postgresql ≫ Postgresql Version9.0.5

Postgresql ≫ Postgresql Version9.0.6

Postgresql ≫ Postgresql Version9.0.7

Postgresql ≫ Postgresql Version9.0.8

Postgresql ≫ Postgresql Version9.0.9

Postgresql ≫ Postgresql Version9.0.10

Postgresql ≫ Postgresql Version9.0.11

Postgresql ≫ Postgresql Version9.0.12

Postgresql ≫ Postgresql Version9.0.13

Postgresql ≫ Postgresql Version9.0.14

Postgresql ≫ Postgresql Version9.0.15

Postgresql ≫ Postgresql Version9.1

Postgresql ≫ Postgresql Version9.1.1

Postgresql ≫ Postgresql Version9.1.2

Postgresql ≫ Postgresql Version9.1.3

Postgresql ≫ Postgresql Version9.1.4

Postgresql ≫ Postgresql Version9.1.5

Postgresql ≫ Postgresql Version9.1.6

Postgresql ≫ Postgresql Version9.1.7

Postgresql ≫ Postgresql Version9.1.8

Postgresql ≫ Postgresql Version9.1.9

Postgresql ≫ Postgresql Version9.1.10

Postgresql ≫ Postgresql Version9.1.11

Postgresql ≫ Postgresql Version9.2

Postgresql ≫ Postgresql Version9.2.1

Postgresql ≫ Postgresql Version9.2.2

Postgresql ≫ Postgresql Version9.2.3

Postgresql ≫ Postgresql Version9.2.4

Postgresql ≫ Postgresql Version9.2.5

Postgresql ≫ Postgresql Version9.2.6

Postgresql ≫ Postgresql Version9.3

Postgresql ≫ Postgresql Version9.3.1

Postgresql ≫ Postgresql Version9.3.2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	12.67%	0.937

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	6.5	8	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.postgresql.org/support/security/

Vendor Advisory

http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html

https://support.apple.com/kb/HT6536

http://rhn.redhat.com/errata/RHSA-2014-0469.html

http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html

http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html

http://rhn.redhat.com/errata/RHSA-2014-0211.html

http://rhn.redhat.com/errata/RHSA-2014-0221.html

http://rhn.redhat.com/errata/RHSA-2014-0249.html

http://secunia.com/advisories/61307

http://support.apple.com/kb/HT6448

http://wiki.postgresql.org/wiki/20140220securityrelease

http://www.debian.org/security/2014/dsa-2864

http://www.debian.org/security/2014/dsa-2865

http://www.postgresql.org/about/news/1506/

Vendor Advisory

http://www.ubuntu.com/usn/USN-2120-1

http://www.securityfocus.com/bid/65725

https://bugzilla.redhat.com/show_bug.cgi?id=1065230

https://github.com/postgres/postgres/commit/31400a673325147e1205326008e32135a78b4d8a

https://nvd.nist.gov/vuln/detail/CVE-2014-0064

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2014-0064

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2014-0064

EUVD