ID CVE-2010-4015
Summary Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions.
References
Vulnerable Configurations
  • cpe:2.3:a:postgresql:postgresql:8.3:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.3.2:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.3.3:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.3.4:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.3.5:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.3.6:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.3.7:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.3.8:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.3.9:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.3.10:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.3.11:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.3.11:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.3.12:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.3.12:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.3.13:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.3.13:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:9.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:9.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.4:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.4:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.4.2:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.4.3:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.4.4:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.4.5:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.4.6:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.5:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.6:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.7:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.8:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.8:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.9:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.10:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.11:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.11:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.12:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.13:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.13:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.14:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.14:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.15:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.15:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.16:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.16:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.17:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.17:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.18:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.18:*:*:*:*:*:*:*
  • cpe:2.3:a:postgresql:postgresql:8.2.19:*:*:*:*:*:*:*
    cpe:2.3:a:postgresql:postgresql:8.2.19:*:*:*:*:*:*:*
CVSS
Base: 6.5 (as of 17-08-2017 - 01:33)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
assigner via4 cve@mitre.org
cvss-vector via4 AV:N/AC:L/Au:S/C:P/I:P/A:P
non_vulnerable_configuration via4
    redhat via4
    advisories
    • bugzilla
      id 664402
      title CVE-2010-4015 PostgreSQL: Stack-based buffer overflow by processing certain tokens from SQL query string when intarray module enabled
      oval
      OR
      • AND
        • comment Red Hat Enterprise Linux 4 is installed
          oval oval:com.redhat.rhba:tst:20070304001
        • OR
          • AND
            • comment postgresql is earlier than 0:7.4.30-1.el4_8.2
              oval oval:com.redhat.rhsa:tst:20110197002
            • comment postgresql is signed with Red Hat master key
              oval oval:com.redhat.rhsa:tst:20070064026
          • AND
            • comment postgresql-contrib is earlier than 0:7.4.30-1.el4_8.2
              oval oval:com.redhat.rhsa:tst:20110197006
            • comment postgresql-contrib is signed with Red Hat master key
              oval oval:com.redhat.rhsa:tst:20070064038
          • AND
            • comment postgresql-devel is earlier than 0:7.4.30-1.el4_8.2
              oval oval:com.redhat.rhsa:tst:20110197012
            • comment postgresql-devel is signed with Red Hat master key
              oval oval:com.redhat.rhsa:tst:20070064036
          • AND
            • comment postgresql-docs is earlier than 0:7.4.30-1.el4_8.2
              oval oval:com.redhat.rhsa:tst:20110197014
            • comment postgresql-docs is signed with Red Hat master key
              oval oval:com.redhat.rhsa:tst:20070064046
          • AND
            • comment postgresql-jdbc is earlier than 0:7.4.30-1.el4_8.2
              oval oval:com.redhat.rhsa:tst:20110197018
            • comment postgresql-jdbc is signed with Red Hat master key
              oval oval:com.redhat.rhsa:tst:20070064032
          • AND
            • comment postgresql-libs is earlier than 0:7.4.30-1.el4_8.2
              oval oval:com.redhat.rhsa:tst:20110197016
            • comment postgresql-libs is signed with Red Hat master key
              oval oval:com.redhat.rhsa:tst:20070064030
          • AND
            • comment postgresql-pl is earlier than 0:7.4.30-1.el4_8.2
              oval oval:com.redhat.rhsa:tst:20110197004
            • comment postgresql-pl is signed with Red Hat master key
              oval oval:com.redhat.rhsa:tst:20070064028
          • AND
            • comment postgresql-python is earlier than 0:7.4.30-1.el4_8.2
              oval oval:com.redhat.rhsa:tst:20110197022
            • comment postgresql-python is signed with Red Hat master key
              oval oval:com.redhat.rhsa:tst:20070064044
          • AND
            • comment postgresql-server is earlier than 0:7.4.30-1.el4_8.2
              oval oval:com.redhat.rhsa:tst:20110197020
            • comment postgresql-server is signed with Red Hat master key
              oval oval:com.redhat.rhsa:tst:20070064034
          • AND
            • comment postgresql-tcl is earlier than 0:7.4.30-1.el4_8.2
              oval oval:com.redhat.rhsa:tst:20110197010
            • comment postgresql-tcl is signed with Red Hat master key
              oval oval:com.redhat.rhsa:tst:20070064040
          • AND
            • comment postgresql-test is earlier than 0:7.4.30-1.el4_8.2
              oval oval:com.redhat.rhsa:tst:20110197008
            • comment postgresql-test is signed with Red Hat master key
              oval oval:com.redhat.rhsa:tst:20070064042
      • AND
        • OR
          • comment Red Hat Enterprise Linux 6 Client is installed
            oval oval:com.redhat.rhba:tst:20111656001
          • comment Red Hat Enterprise Linux 6 Server is installed
            oval oval:com.redhat.rhba:tst:20111656002
          • comment Red Hat Enterprise Linux 6 Workstation is installed
            oval oval:com.redhat.rhba:tst:20111656003
          • comment Red Hat Enterprise Linux 6 ComputeNode is installed
            oval oval:com.redhat.rhba:tst:20111656004
        • OR
          • AND
            • comment postgresql is earlier than 0:8.4.7-1.el6_0.1
              oval oval:com.redhat.rhsa:tst:20110197028
            • comment postgresql is signed with Red Hat redhatrelease2 key
              oval oval:com.redhat.rhsa:tst:20100908006
          • AND
            • comment postgresql-contrib is earlier than 0:8.4.7-1.el6_0.1
              oval oval:com.redhat.rhsa:tst:20110197046
            • comment postgresql-contrib is signed with Red Hat redhatrelease2 key
              oval oval:com.redhat.rhsa:tst:20100908014
          • AND
            • comment postgresql-devel is earlier than 0:8.4.7-1.el6_0.1
              oval oval:com.redhat.rhsa:tst:20110197036
            • comment postgresql-devel is signed with Red Hat redhatrelease2 key
              oval oval:com.redhat.rhsa:tst:20100908010
          • AND
            • comment postgresql-docs is earlier than 0:8.4.7-1.el6_0.1
              oval oval:com.redhat.rhsa:tst:20110197038
            • comment postgresql-docs is signed with Red Hat redhatrelease2 key
              oval oval:com.redhat.rhsa:tst:20100908016
          • AND
            • comment postgresql-libs is earlier than 0:8.4.7-1.el6_0.1
              oval oval:com.redhat.rhsa:tst:20110197042
            • comment postgresql-libs is signed with Red Hat redhatrelease2 key
              oval oval:com.redhat.rhsa:tst:20100908024
          • AND
            • comment postgresql-plperl is earlier than 0:8.4.7-1.el6_0.1
              oval oval:com.redhat.rhsa:tst:20110197034
            • comment postgresql-plperl is signed with Red Hat redhatrelease2 key
              oval oval:com.redhat.rhsa:tst:20100908022
          • AND
            • comment postgresql-plpython is earlier than 0:8.4.7-1.el6_0.1
              oval oval:com.redhat.rhsa:tst:20110197030
            • comment postgresql-plpython is signed with Red Hat redhatrelease2 key
              oval oval:com.redhat.rhsa:tst:20100908018
          • AND
            • comment postgresql-pltcl is earlier than 0:8.4.7-1.el6_0.1
              oval oval:com.redhat.rhsa:tst:20110197040
            • comment postgresql-pltcl is signed with Red Hat redhatrelease2 key
              oval oval:com.redhat.rhsa:tst:20100908020
          • AND
            • comment postgresql-server is earlier than 0:8.4.7-1.el6_0.1
              oval oval:com.redhat.rhsa:tst:20110197044
            • comment postgresql-server is signed with Red Hat redhatrelease2 key
              oval oval:com.redhat.rhsa:tst:20100908012
          • AND
            • comment postgresql-test is earlier than 0:8.4.7-1.el6_0.1
              oval oval:com.redhat.rhsa:tst:20110197032
            • comment postgresql-test is signed with Red Hat redhatrelease2 key
              oval oval:com.redhat.rhsa:tst:20100908008
      • AND
        • comment Red Hat Enterprise Linux 5 is installed
          oval oval:com.redhat.rhba:tst:20070331001
        • OR
          • AND
            • comment postgresql is earlier than 0:8.1.23-1.el5_6.1
              oval oval:com.redhat.rhsa:tst:20110197049
            • comment postgresql is signed with Red Hat redhatrelease key
              oval oval:com.redhat.rhsa:tst:20070068003
          • AND
            • comment postgresql-contrib is earlier than 0:8.1.23-1.el5_6.1
              oval oval:com.redhat.rhsa:tst:20110197053
            • comment postgresql-contrib is signed with Red Hat redhatrelease key
              oval oval:com.redhat.rhsa:tst:20070068013
          • AND
            • comment postgresql-devel is earlier than 0:8.1.23-1.el5_6.1
              oval oval:com.redhat.rhsa:tst:20110197063
            • comment postgresql-devel is signed with Red Hat redhatrelease key
              oval oval:com.redhat.rhsa:tst:20070068009
          • AND
            • comment postgresql-docs is earlier than 0:8.1.23-1.el5_6.1
              oval oval:com.redhat.rhsa:tst:20110197051
            • comment postgresql-docs is signed with Red Hat redhatrelease key
              oval oval:com.redhat.rhsa:tst:20070068005
          • AND
            • comment postgresql-libs is earlier than 0:8.1.23-1.el5_6.1
              oval oval:com.redhat.rhsa:tst:20110197061
            • comment postgresql-libs is signed with Red Hat redhatrelease key
              oval oval:com.redhat.rhsa:tst:20070068011
          • AND
            • comment postgresql-pl is earlier than 0:8.1.23-1.el5_6.1
              oval oval:com.redhat.rhsa:tst:20110197067
            • comment postgresql-pl is signed with Red Hat redhatrelease key
              oval oval:com.redhat.rhsa:tst:20070068017
          • AND
            • comment postgresql-python is earlier than 0:8.1.23-1.el5_6.1
              oval oval:com.redhat.rhsa:tst:20110197057
            • comment postgresql-python is signed with Red Hat redhatrelease key
              oval oval:com.redhat.rhsa:tst:20070068015
          • AND
            • comment postgresql-server is earlier than 0:8.1.23-1.el5_6.1
              oval oval:com.redhat.rhsa:tst:20110197059
            • comment postgresql-server is signed with Red Hat redhatrelease key
              oval oval:com.redhat.rhsa:tst:20070068019
          • AND
            • comment postgresql-tcl is earlier than 0:8.1.23-1.el5_6.1
              oval oval:com.redhat.rhsa:tst:20110197065
            • comment postgresql-tcl is signed with Red Hat redhatrelease key
              oval oval:com.redhat.rhsa:tst:20070068007
          • AND
            • comment postgresql-test is earlier than 0:8.1.23-1.el5_6.1
              oval oval:com.redhat.rhsa:tst:20110197055
            • comment postgresql-test is signed with Red Hat redhatrelease key
              oval oval:com.redhat.rhsa:tst:20070068021
      rhsa
      id RHSA-2011:0197
      released 2011-02-03
      severity Moderate
      title RHSA-2011:0197: postgresql security update (Moderate)
    • bugzilla
      id 664402
      title CVE-2010-4015 PostgreSQL: Stack-based buffer overflow by processing certain tokens from SQL query string when intarray module enabled
      oval
      AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331001
      • OR
        • AND
          • comment postgresql84 is earlier than 0:8.4.7-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110198002
          • comment postgresql84 is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100430003
        • AND
          • comment postgresql84-contrib is earlier than 0:8.4.7-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110198020
          • comment postgresql84-contrib is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100430023
        • AND
          • comment postgresql84-devel is earlier than 0:8.4.7-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110198022
          • comment postgresql84-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100430017
        • AND
          • comment postgresql84-docs is earlier than 0:8.4.7-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110198004
          • comment postgresql84-docs is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100430011
        • AND
          • comment postgresql84-libs is earlier than 0:8.4.7-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110198018
          • comment postgresql84-libs is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100430013
        • AND
          • comment postgresql84-plperl is earlier than 0:8.4.7-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110198016
          • comment postgresql84-plperl is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100430005
        • AND
          • comment postgresql84-plpython is earlier than 0:8.4.7-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110198010
          • comment postgresql84-plpython is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100430019
        • AND
          • comment postgresql84-pltcl is earlier than 0:8.4.7-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110198012
          • comment postgresql84-pltcl is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100430015
        • AND
          • comment postgresql84-python is earlier than 0:8.4.7-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110198014
          • comment postgresql84-python is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100430025
        • AND
          • comment postgresql84-server is earlier than 0:8.4.7-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110198006
          • comment postgresql84-server is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100430007
        • AND
          • comment postgresql84-tcl is earlier than 0:8.4.7-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110198024
          • comment postgresql84-tcl is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100430009
        • AND
          • comment postgresql84-test is earlier than 0:8.4.7-1.el5_6.1
            oval oval:com.redhat.rhsa:tst:20110198008
          • comment postgresql84-test is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20100430021
      rhsa
      id RHSA-2011:0198
      released 2011-02-03
      severity Moderate
      title RHSA-2011:0198: postgresql84 security update (Moderate)
    rpms
    • postgresql-0:7.4.30-1.el4_8.2
    • postgresql-contrib-0:7.4.30-1.el4_8.2
    • postgresql-devel-0:7.4.30-1.el4_8.2
    • postgresql-docs-0:7.4.30-1.el4_8.2
    • postgresql-jdbc-0:7.4.30-1.el4_8.2
    • postgresql-libs-0:7.4.30-1.el4_8.2
    • postgresql-pl-0:7.4.30-1.el4_8.2
    • postgresql-python-0:7.4.30-1.el4_8.2
    • postgresql-server-0:7.4.30-1.el4_8.2
    • postgresql-tcl-0:7.4.30-1.el4_8.2
    • postgresql-test-0:7.4.30-1.el4_8.2
    • postgresql-0:8.4.7-1.el6_0.1
    • postgresql-contrib-0:8.4.7-1.el6_0.1
    • postgresql-devel-0:8.4.7-1.el6_0.1
    • postgresql-docs-0:8.4.7-1.el6_0.1
    • postgresql-libs-0:8.4.7-1.el6_0.1
    • postgresql-plperl-0:8.4.7-1.el6_0.1
    • postgresql-plpython-0:8.4.7-1.el6_0.1
    • postgresql-pltcl-0:8.4.7-1.el6_0.1
    • postgresql-server-0:8.4.7-1.el6_0.1
    • postgresql-test-0:8.4.7-1.el6_0.1
    • postgresql-0:8.1.23-1.el5_6.1
    • postgresql-contrib-0:8.1.23-1.el5_6.1
    • postgresql-devel-0:8.1.23-1.el5_6.1
    • postgresql-docs-0:8.1.23-1.el5_6.1
    • postgresql-libs-0:8.1.23-1.el5_6.1
    • postgresql-pl-0:8.1.23-1.el5_6.1
    • postgresql-python-0:8.1.23-1.el5_6.1
    • postgresql-server-0:8.1.23-1.el5_6.1
    • postgresql-tcl-0:8.1.23-1.el5_6.1
    • postgresql-test-0:8.1.23-1.el5_6.1
    • postgresql84-0:8.4.7-1.el5_6.1
    • postgresql84-contrib-0:8.4.7-1.el5_6.1
    • postgresql84-devel-0:8.4.7-1.el5_6.1
    • postgresql84-docs-0:8.4.7-1.el5_6.1
    • postgresql84-libs-0:8.4.7-1.el5_6.1
    • postgresql84-plperl-0:8.4.7-1.el5_6.1
    • postgresql84-plpython-0:8.4.7-1.el5_6.1
    • postgresql84-pltcl-0:8.4.7-1.el5_6.1
    • postgresql84-python-0:8.4.7-1.el5_6.1
    • postgresql84-server-0:8.4.7-1.el5_6.1
    • postgresql84-tcl-0:8.4.7-1.el5_6.1
    • postgresql84-test-0:8.4.7-1.el5_6.1
    refmap via4
    bid 46084
    confirm
    debian DSA-2157
    fedora
    • FEDORA-2011-0963
    • FEDORA-2011-0990
    hp
    • HPSBMU02781
    • SSRT100617
    mandriva MDVSA-2011:021
    osvdb 70740
    secunia
    • 43144
    • 43154
    • 43155
    • 43187
    • 43188
    • 43240
    suse SUSE-SR:2011:005
    ubuntu USN-1058-1
    vupen
    • ADV-2011-0262
    • ADV-2011-0278
    • ADV-2011-0283
    • ADV-2011-0287
    • ADV-2011-0299
    • ADV-2011-0303
    • ADV-2011-0349
    xf postgresql-gettoken-buffer-overflow(65060)
    vulnerable_product via4
    • cpe:2.3:a:postgresql:postgresql:8.3:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.6:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.7:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.8:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.9:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.10:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.11:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.12:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.3.13:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:9.0:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:9.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:9.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4.3:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4.4:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4.5:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.4.6:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.9:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.10:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.11:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.12:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.13:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.14:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.15:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.16:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.17:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.18:*:*:*:*:*:*:*
    • cpe:2.3:a:postgresql:postgresql:8.2.19:*:*:*:*:*:*:*
    Last major update 17-08-2017 - 01:33
    Published 02-02-2011 - 01:00
    Back to Top