Описание
Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.
A stack overflow flaw was discovered in the way the PostgreSQL core server processed certain JSON or JSONB input. An authenticated attacker could possibly use this flaw to crash the server backend by sending specially crafted JSON or JSONB input.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | postgresql | Not affected | ||
| Red Hat Enterprise Linux 5 | postgresql84 | Not affected | ||
| Red Hat Enterprise Linux 6 | postgresql | Not affected | ||
| Red Hat JBoss Enterprise Web Server 1 | postgresql | Not affected | ||
| Red Hat Satellite 5.7 | postgresql92-postgresql | Affected | ||
| Red Hat Enterprise Linux 7 | postgresql | Fixed | RHSA-2015:2078 | 19.11.2015 |
| Red Hat Software Collections for Red Hat Enterprise Linux 6 | rh-postgresql94-postgresql | Fixed | RHSA-2015:2077 | 18.11.2015 |
| Red Hat Software Collections for Red Hat Enterprise Linux 6 | postgresql92-postgresql | Fixed | RHSA-2015:2083 | 18.11.2015 |
| Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS | rh-postgresql94-postgresql | Fixed | RHSA-2015:2077 | 18.11.2015 |
| Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS | postgresql92-postgresql | Fixed | RHSA-2015:2083 | 18.11.2015 |
Показывать по
Дополнительная информация
Статус:
4.3 Medium
CVSS2
Связанные уязвимости
Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.
Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.
Multiple stack-based buffer overflows in json parsing in PostgreSQL be ...
Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.
Уязвимости системы управления базами данных PostgreSQL, позволяющие нарушителю вызвать отказ в обслуживании
4.3 Medium
CVSS2