Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2015-0243

Опубликовано: 16 фев. 2015
Источник: redhat
CVSS2: 6
EPSS Низкий

Описание

Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

A stack-buffer overflow flaw was found in PostgreSQL's pgcrypto module. An authenticated database user could use this flaw to cause PostgreSQL to crash or, potentially, execute arbitrary code with the permissions of the user running PostgreSQL.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
CloudForms Management Engine 5postgresqlWill not fix
CloudForms Management Engine 5postgresql92-postgresqlWill not fix
Red Hat Enterprise Linux 5postgresqlWill not fix
Red Hat Enterprise Linux 5postgresql84Will not fix
Red Hat Software Collectionsrh-postgresql94-postgresqlAffected
Red Hat Enterprise Linux 6postgresqlFixedRHSA-2015:075030.03.2015
Red Hat Enterprise Linux 7postgresqlFixedRHSA-2015:075030.03.2015
Red Hat Satellite 5.7postgresql92-postgresqlFixedRHSA-2015:085620.04.2015
Red Hat Software Collections 1 for Red Hat Enterprise Linux 6postgresql92-postgresqlFixedRHSA-2015:069918.03.2015
Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.5 EUSpostgresql92-postgresqlFixedRHSA-2015:069918.03.2015

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1188689postgresql: buffer overflow flaws in contrib/pgcrypto

EPSS

Процентиль: 84%
0.02236
Низкий

6 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2015-0243

CVSS3: 8.8
ubuntu
больше 5 лет назад

Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

nvd логотип

CVE-2015-0243

CVSS3: 8.8
nvd
больше 5 лет назад

Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

debian логотип

CVE-2015-0243

CVSS3: 8.8
debian
больше 5 лет назад

Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0 ...

github логотип

GHSA-4c7q-44j3-76m6

github
около 3 лет назад

Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.

suse-cvrf логотип

SUSE-SU-2015:0639-1

suse-cvrf
больше 10 лет назад

Security update for postgresql91

EPSS

Процентиль: 84%
0.02236
Низкий

6 Medium

CVSS2

Уязвимость CVE-2015-0243