CVE-2007-4772

Опубликовано: 09 янв. 2008

Источник: nvd

CVSS2: 4

EPSS Низкий

Описание

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.

Ссылки

http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
Broken Link
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
Broken Link
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html
Mailing List
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html
Mailing List
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-0122.html
Third Party Advisory
http://secunia.com/advisories/28359
Third Party Advisory
http://secunia.com/advisories/28376
Third Party Advisory
http://secunia.com/advisories/28437
Third Party Advisory
http://secunia.com/advisories/28438
Third Party Advisory
http://secunia.com/advisories/28454
Third Party Advisory
http://secunia.com/advisories/28455
Third Party Advisory
http://secunia.com/advisories/28464
Third Party Advisory
http://secunia.com/advisories/28477
Third Party Advisory
http://secunia.com/advisories/28479
Third Party Advisory
http://secunia.com/advisories/28679
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*

Версия от 7.4 (включая) до 7.4.19 (исключая)

cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*

Версия от 8.0 (включая) до 8.0.15 (исключая)

cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*

Версия от 8.1 (включая) до 8.1.11 (исключая)

cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*

Версия от 8.2 (включая) до 8.2.6 (исключая)

cpe:2.3:a:tcl:tcl\/tk:*:*:*:*:*:*:*:*

Версия до 8.4.17 (исключая)

Конфигурация 2

cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:*

EPSS

Процентиль: 77%

0.01069

Низкий

4 Medium

CVSS2

Дефекты

CWE-399

Связанные уязвимости

CVE-2007-4772

ubuntu

больше 17 лет назад

CVE-2007-4772

redhat

больше 17 лет назад

CVE-2007-4772

debian

больше 17 лет назад

The regular expression parser in TCL before 8.4.17, as used in Postgre ...

GHSA-x3q3-v77f-cg26

github

около 3 лет назад

ELSA-2013-0122

oracle-oval

больше 12 лет назад

ELSA-2013-0122: tcl security and bug fix update (MODERATE)

EPSS

Процентиль: 77%

0.01069

Низкий

4 Medium

CVSS2

Дефекты

CWE-399