ID CVE-2003-0901
Summary Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code.
References
Vulnerable Configurations
  • cpe:2.3:a:postgresql:postgresql:7.2:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:7.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:7.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:7.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:7.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:7.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:7.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:7.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:7.3:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:7.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:7.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:7.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:7.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:7.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:7.3.3:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 05-09-2008 - 20:35)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
  • rhsa
    id RHSA-2003:313
  • rhsa
    id RHSA-2003:314
refmap via4
bid 8741
conectiva
  • CLA-2003:784
  • CLSA-2003:772
confirm http://developer.postgresql.org/cvsweb.cgi/pgsql-server/src/backend/utils/adt/ascii.c
debian DSA-397
Last major update 05-09-2008 - 20:35
Published 03-11-2003 - 05:00
Last modified 05-09-2008 - 20:35
Back to Top