8.3
CVE-2016-5423
- EPSS 5.96%
- Veröffentlicht 09.12.2016 23:59:00
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Debian ≫ Debian Linux Version8.0
Postgresql ≫ Postgresql Version <= 9.1.22
Postgresql ≫ Postgresql Version9.2
Postgresql ≫ Postgresql Version9.2.1
Postgresql ≫ Postgresql Version9.2.2
Postgresql ≫ Postgresql Version9.2.3
Postgresql ≫ Postgresql Version9.2.4
Postgresql ≫ Postgresql Version9.2.5
Postgresql ≫ Postgresql Version9.2.6
Postgresql ≫ Postgresql Version9.2.7
Postgresql ≫ Postgresql Version9.2.8
Postgresql ≫ Postgresql Version9.2.9
Postgresql ≫ Postgresql Version9.2.10
Postgresql ≫ Postgresql Version9.2.11
Postgresql ≫ Postgresql Version9.2.12
Postgresql ≫ Postgresql Version9.2.13
Postgresql ≫ Postgresql Version9.2.14
Postgresql ≫ Postgresql Version9.2.15
Postgresql ≫ Postgresql Version9.2.16
Postgresql ≫ Postgresql Version9.2.17
Postgresql ≫ Postgresql Version9.3
Postgresql ≫ Postgresql Version9.3.1
Postgresql ≫ Postgresql Version9.3.2
Postgresql ≫ Postgresql Version9.3.3
Postgresql ≫ Postgresql Version9.3.4
Postgresql ≫ Postgresql Version9.3.5
Postgresql ≫ Postgresql Version9.3.6
Postgresql ≫ Postgresql Version9.3.7
Postgresql ≫ Postgresql Version9.3.8
Postgresql ≫ Postgresql Version9.3.9
Postgresql ≫ Postgresql Version9.3.10
Postgresql ≫ Postgresql Version9.3.11
Postgresql ≫ Postgresql Version9.3.12
Postgresql ≫ Postgresql Version9.3.13
Postgresql ≫ Postgresql Version9.4
Postgresql ≫ Postgresql Version9.4.1
Postgresql ≫ Postgresql Version9.4.2
Postgresql ≫ Postgresql Version9.4.3
Postgresql ≫ Postgresql Version9.4.4
Postgresql ≫ Postgresql Version9.4.5
Postgresql ≫ Postgresql Version9.4.6
Postgresql ≫ Postgresql Version9.4.7
Postgresql ≫ Postgresql Version9.4.8
Postgresql ≫ Postgresql Version9.5
Postgresql ≫ Postgresql Version9.5.1
Postgresql ≫ Postgresql Version9.5.2
Postgresql ≫ Postgresql Version9.5.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 5.96% | 0.924 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.3 | 2.8 | 5.5 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
|
| nvd@nist.gov | 6.5 | 8 | 6.4 |
AV:N/AC:L/Au:S/C:P/I:P/A:P
|
CWE-476 NULL Pointer Dereference
The product dereferences a pointer that it expects to be valid but is NULL.
https://security.gentoo.org/glsa/201701-33
http://rhn.redhat.com/errata/RHSA-2016-1781.html
http://rhn.redhat.com/errata/RHSA-2016-1820.html
http://rhn.redhat.com/errata/RHSA-2016-1821.html
http://rhn.redhat.com/errata/RHSA-2016-2606.html
http://www.debian.org/security/2016/dsa-3646
http://www.securityfocus.com/bid/92433
http://www.securitytracker.com/id/1036617
https://access.redhat.com/errata/RHSA-2017:2425
https://bugzilla.redhat.com/show_bug.cgi?id=1364001
https://www.postgresql.org/about/news/1688/
https://www.postgresql.org/docs/current/static/release-9-1-23.html
https://www.postgresql.org/docs/current/static/release-9-2-18.html
https://www.postgresql.org/docs/current/static/release-9-3-14.html
https://www.postgresql.org/docs/current/static/release-9-4-9.html
https://www.postgresql.org/docs/current/static/release-9-5-4.html