Описание
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | tcl | Will not fix | ||
| Red Hat Enterprise Linux 2.1 | tcltk | Fixed | RHSA-2008:0134 | 21.02.2008 |
| Red Hat Enterprise Linux 3 | tcltk | Fixed | RHSA-2008:0134 | 21.02.2008 |
| Red Hat Enterprise Linux 4 | postgresql | Fixed | RHSA-2008:0038 | 11.01.2008 |
| Red Hat Enterprise Linux 5 | postgresql | Fixed | RHSA-2008:0038 | 11.01.2008 |
| Red Hat Enterprise Linux 5 | tcl | Fixed | RHSA-2013:0122 | 08.01.2013 |
| Red Hat Web Application Stack for RHEL 4 | postgresql | Fixed | RHSA-2008:0040 | 01.02.2008 |
Показывать по
Дополнительная информация
Статус:
EPSS
1.5 Low
CVSS2
Связанные уязвимости
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
The regular expression parser in TCL before 8.4.17, as used in Postgre ...
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.
ELSA-2013-0122: tcl security and bug fix update (MODERATE)
EPSS
1.5 Low
CVSS2