Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CERTA-2006-AVI-216
Vulnerability from certfr_avis
Deux vulnérabilités ont été identifiées dans PostgreSQL. Elles peuvent être utilisées par une personne malveillante pour injecter des requêtes SQL, afin d'accéder ou modifier les données inclues dans la base, et ainsi contourner la politique de sécurité.
Description
PostgreSQL est un système de gestion de bases de données (DBMS). Deux vulnérabilités ont été identifiées dans certaines versions du serveur. Il ne contrôle pas correctement certains caractères d'échappement, tels que le guillemet '. Un utilisateur malveillant peut profiter de ce problème pour injecter, soit directement, soit par le biais d'une application tierce, des requêtes SQL arbitraires. La politique de sécurité est alors contournée.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| PostgreSQL | PostgreSQL | La version PostgreSQL 7.3.14 et les versions 7.3.x antérieures ; | ||
| PostgreSQL | PostgreSQL | la version PostgreSQL 7.4.12 et les versions 7.4.x antérieures ; | ||
| PostgreSQL | PostgreSQL | la version PostgreSQL 8.1.3 et les versions 8.1.x antérieures. | ||
| PostgreSQL | PostgreSQL | la version PostgreSQL 8.0.7 et les versions 8.0.x antérieures ; |
References
| Title | Publication Time | Tags | |
|---|---|---|---|
|
|
|||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "La version PostgreSQL 7.3.14 et les versions 7.3.x ant\u00e9rieures ;",
"product": {
"name": "PostgreSQL",
"vendor": {
"name": "PostgreSQL",
"scada": false
}
}
},
{
"description": "la version PostgreSQL 7.4.12 et les versions 7.4.x ant\u00e9rieures ;",
"product": {
"name": "PostgreSQL",
"vendor": {
"name": "PostgreSQL",
"scada": false
}
}
},
{
"description": "la version PostgreSQL 8.1.3 et les versions 8.1.x ant\u00e9rieures.",
"product": {
"name": "PostgreSQL",
"vendor": {
"name": "PostgreSQL",
"scada": false
}
}
},
{
"description": "la version PostgreSQL 8.0.7 et les versions 8.0.x ant\u00e9rieures ;",
"product": {
"name": "PostgreSQL",
"vendor": {
"name": "PostgreSQL",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nPostgreSQL est un syst\u00e8me de gestion de bases de donn\u00e9es (DBMS). Deux\nvuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans certaines versions du serveur.\nIl ne contr\u00f4le pas correctement certains caract\u00e8res d\u0027\u00e9chappement, tels\nque le guillemet \u0027. Un utilisateur malveillant peut profiter de ce\nprobl\u00e8me pour injecter, soit directement, soit par le biais d\u0027une\napplication tierce, des requ\u00eates SQL arbitraires. La politique de\ns\u00e9curit\u00e9 est alors contourn\u00e9e.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2006-2314",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2314"
},
{
"name": "CVE-2006-2313",
"url": "https://www.cve.org/CVERecord?id=CVE-2006-2313"
}
],
"initial_release_date": "2006-05-24T00:00:00",
"last_revision_date": "2006-08-21T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDKSA-2006:098 du 07 juin 2006 :",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:098"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 PostgreSQL du 22 mai 2006 :",
"url": "http://www.postgresql.org/docs/techdocs.50"
},
{
"title": "Page de mise \u00e0 jour PostgreSQL :",
"url": "http://www.postgresql.org/download"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 Debian DSA-1087 du 03 juin 2006 :",
"url": "http://www.debian.org/security/2006/dsa-1087"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 FreeBSD :",
"url": "http://www.vuxml.org/freebsd/pkg-ja-postgresql.html"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 RedHat du 26 mai 2006 :",
"url": "http://rhn.redhat.com/errata/RHSA-2006-0526.html"
}
],
"reference": "CERTA-2006-AVI-216",
"revisions": [
{
"description": "version initiale ;",
"revision_date": "2006-05-24T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 RedHat.",
"revision_date": "2006-05-26T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Debian.",
"revision_date": "2006-06-06T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 Mandriva.",
"revision_date": "2006-06-08T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 FreeBSD.",
"revision_date": "2006-08-21T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "Deux vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 identifi\u00e9es dans PostgreSQL. Elles peuvent\n\u00eatre utilis\u00e9es par une personne malveillante pour injecter des requ\u00eates\nSQL, afin d\u0027acc\u00e9der ou modifier les donn\u00e9es inclues dans la base, et\nainsi contourner la politique de s\u00e9curit\u00e9.\n",
"title": "Vuln\u00e9rabilit\u00e9s dans PostgreSQL",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 postgreSQL du 22 mai 2006",
"url": null
}
]
}
CVE-2006-2313 (GCVE-0-2006-2313)
Vulnerability from cvelistv5
Published
2006-05-24 10:00
Modified
2024-08-07 17:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection."
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:43:29.081Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "GLSA-200607-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200607-04.xml"
},
{
"name": "20435",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20435"
},
{
"name": "18092",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18092"
},
{
"name": "20503",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20503"
},
{
"name": "20451",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20451"
},
{
"name": "21001",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21001"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.postgresql.org/docs/techdocs.50"
},
{
"name": "20231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20231"
},
{
"name": "20653",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20653"
},
{
"name": "SUSE-SA:2006:030",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0002.html"
},
{
"name": "20782",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20782"
},
{
"name": "RHSA-2006:0526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0526.html"
},
{
"name": "2006-0032",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0032/"
},
{
"name": "oval:org.mitre.oval:def:10618",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10618"
},
{
"name": "20060602-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc"
},
{
"name": "ADV-2006-1941",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1941"
},
{
"name": "20060524 rPSA-2006-0080-1 postgresql postgresql-server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435161/100/0/threaded"
},
{
"name": "20232",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20232"
},
{
"name": "20060523 PostgreSQL security releases 8.1.4, 8.0.8, 7.4.13, 7.3.15",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435038/100/0/threaded"
},
{
"name": "USN-288-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/288-1/"
},
{
"name": "MDKSA-2006:098",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:098"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-113.htm"
},
{
"name": "postgresql-multibyte-sql-injection(26627)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26627"
},
{
"name": "20555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20555"
},
{
"name": "[pgsql-announce] 20060523 Security Releases for All Active Versions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://archives.postgresql.org/pgsql-announce/2006-05/msg00010.php"
},
{
"name": "1016142",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016142"
},
{
"name": "USN-288-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-288-2"
},
{
"name": "20314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20314"
},
{
"name": "DSA-1087",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1087"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of \"Encoding-Based SQL Injection.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "GLSA-200607-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200607-04.xml"
},
{
"name": "20435",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20435"
},
{
"name": "18092",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18092"
},
{
"name": "20503",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20503"
},
{
"name": "20451",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20451"
},
{
"name": "21001",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21001"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.postgresql.org/docs/techdocs.50"
},
{
"name": "20231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20231"
},
{
"name": "20653",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20653"
},
{
"name": "SUSE-SA:2006:030",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0002.html"
},
{
"name": "20782",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20782"
},
{
"name": "RHSA-2006:0526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0526.html"
},
{
"name": "2006-0032",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0032/"
},
{
"name": "oval:org.mitre.oval:def:10618",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10618"
},
{
"name": "20060602-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc"
},
{
"name": "ADV-2006-1941",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1941"
},
{
"name": "20060524 rPSA-2006-0080-1 postgresql postgresql-server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435161/100/0/threaded"
},
{
"name": "20232",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20232"
},
{
"name": "20060523 PostgreSQL security releases 8.1.4, 8.0.8, 7.4.13, 7.3.15",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435038/100/0/threaded"
},
{
"name": "USN-288-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/288-1/"
},
{
"name": "MDKSA-2006:098",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:098"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-113.htm"
},
{
"name": "postgresql-multibyte-sql-injection(26627)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26627"
},
{
"name": "20555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20555"
},
{
"name": "[pgsql-announce] 20060523 Security Releases for All Active Versions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://archives.postgresql.org/pgsql-announce/2006-05/msg00010.php"
},
{
"name": "1016142",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016142"
},
{
"name": "USN-288-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-288-2"
},
{
"name": "20314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20314"
},
{
"name": "DSA-1087",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1087"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2313",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of \"Encoding-Based SQL Injection.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "GLSA-200607-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200607-04.xml"
},
{
"name": "20435",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20435"
},
{
"name": "18092",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18092"
},
{
"name": "20503",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20503"
},
{
"name": "20451",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20451"
},
{
"name": "21001",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21001"
},
{
"name": "http://www.postgresql.org/docs/techdocs.50",
"refsource": "CONFIRM",
"url": "http://www.postgresql.org/docs/techdocs.50"
},
{
"name": "20231",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20231"
},
{
"name": "20653",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20653"
},
{
"name": "SUSE-SA:2006:030",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0002.html"
},
{
"name": "20782",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20782"
},
{
"name": "RHSA-2006:0526",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0526.html"
},
{
"name": "2006-0032",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0032/"
},
{
"name": "oval:org.mitre.oval:def:10618",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10618"
},
{
"name": "20060602-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc"
},
{
"name": "ADV-2006-1941",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1941"
},
{
"name": "20060524 rPSA-2006-0080-1 postgresql postgresql-server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435161/100/0/threaded"
},
{
"name": "20232",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20232"
},
{
"name": "20060523 PostgreSQL security releases 8.1.4, 8.0.8, 7.4.13, 7.3.15",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435038/100/0/threaded"
},
{
"name": "USN-288-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/288-1/"
},
{
"name": "MDKSA-2006:098",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:098"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-113.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-113.htm"
},
{
"name": "postgresql-multibyte-sql-injection(26627)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26627"
},
{
"name": "20555",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20555"
},
{
"name": "[pgsql-announce] 20060523 Security Releases for All Active Versions",
"refsource": "MLIST",
"url": "http://archives.postgresql.org/pgsql-announce/2006-05/msg00010.php"
},
{
"name": "1016142",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016142"
},
{
"name": "USN-288-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-288-2"
},
{
"name": "20314",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20314"
},
{
"name": "DSA-1087",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1087"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2313",
"datePublished": "2006-05-24T10:00:00",
"dateReserved": "2006-05-11T00:00:00",
"dateUpdated": "2024-08-07T17:43:29.081Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-2314 (GCVE-0-2006-2314)
Vulnerability from cvelistv5
Published
2006-05-24 10:00
Modified
2024-08-07 17:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications that use multibyte encodings that allow the "\" (backslash) byte 0x5c to be the trailing byte of a multibyte character, such as SJIS, BIG5, GBK, GB18030, and UHC, which cannot be handled correctly by a client that does not understand multibyte encodings, aka a second variant of "Encoding-Based SQL Injection." NOTE: it could be argued that this is a class of issue related to interaction errors between the client and PostgreSQL, but a CVE has been assigned since PostgreSQL is treating this as a preventative measure against this class of problem.
References
| URL | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T17:43:29.163Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "postgresql-ascii-sql-injection(26628)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26628"
},
{
"name": "GLSA-200607-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "http://security.gentoo.org/glsa/glsa-200607-04.xml"
},
{
"name": "20435",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20435"
},
{
"name": "18092",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18092"
},
{
"name": "20503",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20503"
},
{
"name": "20451",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20451"
},
{
"name": "21001",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21001"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.postgresql.org/docs/techdocs.50"
},
{
"name": "20231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20231"
},
{
"name": "20653",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20653"
},
{
"name": "SUSE-SA:2006:030",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0002.html"
},
{
"name": "21749",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21749"
},
{
"name": "25731",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/25731"
},
{
"name": "20782",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20782"
},
{
"name": "RHSA-2006:0526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0526.html"
},
{
"name": "2006-0032",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX",
"x_transferred"
],
"url": "http://www.trustix.org/errata/2006/0032/"
},
{
"name": "20060602-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI",
"x_transferred"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc"
},
{
"name": "ADV-2006-1941",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/1941"
},
{
"name": "20060524 rPSA-2006-0080-1 postgresql postgresql-server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435161/100/0/threaded"
},
{
"name": "20232",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20232"
},
{
"name": "20060523 PostgreSQL security releases 8.1.4, 8.0.8, 7.4.13, 7.3.15",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/435038/100/0/threaded"
},
{
"name": "USN-288-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/288-1/"
},
{
"name": "MDKSA-2006:098",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA",
"x_transferred"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:098"
},
{
"name": "SUSE-SR:2006:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://www.novell.com/linux/security/advisories/2006_21_sr.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-113.htm"
},
{
"name": "postgresql-multibyte-sql-injection(26627)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26627"
},
{
"name": "oval:org.mitre.oval:def:9947",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9947"
},
{
"name": "20555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20555"
},
{
"name": "[pgsql-announce] 20060523 Security Releases for All Active Versions",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://archives.postgresql.org/pgsql-announce/2006-05/msg00010.php"
},
{
"name": "1016142",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016142"
},
{
"name": "USN-288-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-288-3"
},
{
"name": "USN-288-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "http://www.ubuntu.com/usn/usn-288-2"
},
{
"name": "20314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/20314"
},
{
"name": "DSA-1087",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2006/dsa-1087"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-05-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications that use multibyte encodings that allow the \"\\\" (backslash) byte 0x5c to be the trailing byte of a multibyte character, such as SJIS, BIG5, GBK, GB18030, and UHC, which cannot be handled correctly by a client that does not understand multibyte encodings, aka a second variant of \"Encoding-Based SQL Injection.\" NOTE: it could be argued that this is a class of issue related to interaction errors between the client and PostgreSQL, but a CVE has been assigned since PostgreSQL is treating this as a preventative measure against this class of problem."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "postgresql-ascii-sql-injection(26628)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26628"
},
{
"name": "GLSA-200607-04",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "http://security.gentoo.org/glsa/glsa-200607-04.xml"
},
{
"name": "20435",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20435"
},
{
"name": "18092",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18092"
},
{
"name": "20503",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20503"
},
{
"name": "20451",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20451"
},
{
"name": "21001",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21001"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.postgresql.org/docs/techdocs.50"
},
{
"name": "20231",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20231"
},
{
"name": "20653",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20653"
},
{
"name": "SUSE-SA:2006:030",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0002.html"
},
{
"name": "21749",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21749"
},
{
"name": "25731",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/25731"
},
{
"name": "20782",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20782"
},
{
"name": "RHSA-2006:0526",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://www.redhat.com/support/errata/RHSA-2006-0526.html"
},
{
"name": "2006-0032",
"tags": [
"vendor-advisory",
"x_refsource_TRUSTIX"
],
"url": "http://www.trustix.org/errata/2006/0032/"
},
{
"name": "20060602-01-U",
"tags": [
"vendor-advisory",
"x_refsource_SGI"
],
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc"
},
{
"name": "ADV-2006-1941",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/1941"
},
{
"name": "20060524 rPSA-2006-0080-1 postgresql postgresql-server",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435161/100/0/threaded"
},
{
"name": "20232",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20232"
},
{
"name": "20060523 PostgreSQL security releases 8.1.4, 8.0.8, 7.4.13, 7.3.15",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/435038/100/0/threaded"
},
{
"name": "USN-288-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/288-1/"
},
{
"name": "MDKSA-2006:098",
"tags": [
"vendor-advisory",
"x_refsource_MANDRIVA"
],
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:098"
},
{
"name": "SUSE-SR:2006:021",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://www.novell.com/linux/security/advisories/2006_21_sr.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-113.htm"
},
{
"name": "postgresql-multibyte-sql-injection(26627)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26627"
},
{
"name": "oval:org.mitre.oval:def:9947",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9947"
},
{
"name": "20555",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20555"
},
{
"name": "[pgsql-announce] 20060523 Security Releases for All Active Versions",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://archives.postgresql.org/pgsql-announce/2006-05/msg00010.php"
},
{
"name": "1016142",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016142"
},
{
"name": "USN-288-3",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-288-3"
},
{
"name": "USN-288-2",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "http://www.ubuntu.com/usn/usn-288-2"
},
{
"name": "20314",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/20314"
},
{
"name": "DSA-1087",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2006/dsa-1087"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-2314",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications that use multibyte encodings that allow the \"\\\" (backslash) byte 0x5c to be the trailing byte of a multibyte character, such as SJIS, BIG5, GBK, GB18030, and UHC, which cannot be handled correctly by a client that does not understand multibyte encodings, aka a second variant of \"Encoding-Based SQL Injection.\" NOTE: it could be argued that this is a class of issue related to interaction errors between the client and PostgreSQL, but a CVE has been assigned since PostgreSQL is treating this as a preventative measure against this class of problem."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "postgresql-ascii-sql-injection(26628)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26628"
},
{
"name": "GLSA-200607-04",
"refsource": "GENTOO",
"url": "http://security.gentoo.org/glsa/glsa-200607-04.xml"
},
{
"name": "20435",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20435"
},
{
"name": "18092",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18092"
},
{
"name": "20503",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20503"
},
{
"name": "20451",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20451"
},
{
"name": "21001",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21001"
},
{
"name": "http://www.postgresql.org/docs/techdocs.50",
"refsource": "CONFIRM",
"url": "http://www.postgresql.org/docs/techdocs.50"
},
{
"name": "20231",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20231"
},
{
"name": "20653",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20653"
},
{
"name": "SUSE-SA:2006:030",
"refsource": "SUSE",
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Jun/0002.html"
},
{
"name": "21749",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21749"
},
{
"name": "25731",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/25731"
},
{
"name": "20782",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20782"
},
{
"name": "RHSA-2006:0526",
"refsource": "REDHAT",
"url": "http://www.redhat.com/support/errata/RHSA-2006-0526.html"
},
{
"name": "2006-0032",
"refsource": "TRUSTIX",
"url": "http://www.trustix.org/errata/2006/0032/"
},
{
"name": "20060602-01-U",
"refsource": "SGI",
"url": "ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc"
},
{
"name": "ADV-2006-1941",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/1941"
},
{
"name": "20060524 rPSA-2006-0080-1 postgresql postgresql-server",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435161/100/0/threaded"
},
{
"name": "20232",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20232"
},
{
"name": "20060523 PostgreSQL security releases 8.1.4, 8.0.8, 7.4.13, 7.3.15",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/435038/100/0/threaded"
},
{
"name": "USN-288-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/288-1/"
},
{
"name": "MDKSA-2006:098",
"refsource": "MANDRIVA",
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:098"
},
{
"name": "SUSE-SR:2006:021",
"refsource": "SUSE",
"url": "http://www.novell.com/linux/security/advisories/2006_21_sr.html"
},
{
"name": "http://support.avaya.com/elmodocs2/security/ASA-2006-113.htm",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-113.htm"
},
{
"name": "postgresql-multibyte-sql-injection(26627)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/26627"
},
{
"name": "oval:org.mitre.oval:def:9947",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9947"
},
{
"name": "20555",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20555"
},
{
"name": "[pgsql-announce] 20060523 Security Releases for All Active Versions",
"refsource": "MLIST",
"url": "http://archives.postgresql.org/pgsql-announce/2006-05/msg00010.php"
},
{
"name": "1016142",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016142"
},
{
"name": "USN-288-3",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-288-3"
},
{
"name": "USN-288-2",
"refsource": "UBUNTU",
"url": "http://www.ubuntu.com/usn/usn-288-2"
},
{
"name": "20314",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/20314"
},
{
"name": "DSA-1087",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2006/dsa-1087"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-2314",
"datePublished": "2006-05-24T10:00:00",
"dateReserved": "2006-05-11T00:00:00",
"dateUpdated": "2024-08-07T17:43:29.163Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…