Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-3065

Опубликовано: 31 мар. 2016
Источник: redhat
CVSS2: 4.9
EPSS Низкий

Описание

The (1) brin_page_type and (2) brin_metapage_info functions in the pageinspect extension in PostgreSQL before 9.5.x before 9.5.2 allows attackers to bypass intended access restrictions and consequently obtain sensitive server memory information or cause a denial of service (server crash) via a crafted bytea value in a BRIN index page.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
CloudForms Management Engine 5postgresqlNot affected
CloudForms Management Engine 5postgresql92-postgresqlNot affected
Red Hat Enterprise Linux 5postgresqlNot affected
Red Hat Enterprise Linux 5postgresql84Not affected
Red Hat Enterprise Linux 6postgresqlNot affected
Red Hat Enterprise Linux 7postgresqlNot affected
Red Hat Satellite 5.7postgresql92-postgresqlNot affected
Red Hat Software Collectionspostgresql92-postgresqlNot affected
Red Hat Software Collectionsrh-postgresql94-postgresqlNot affected
Red Hat Software Collectionsrh-postgresql95-postgresqlNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1319810postgresql: memory disclosure in pageinspect functions

EPSS

Процентиль: 77%
0.0112
Низкий

4.9 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-3065

CVSS3: 9.1
ubuntu
больше 9 лет назад

The (1) brin_page_type and (2) brin_metapage_info functions in the pageinspect extension in PostgreSQL before 9.5.x before 9.5.2 allows attackers to bypass intended access restrictions and consequently obtain sensitive server memory information or cause a denial of service (server crash) via a crafted bytea value in a BRIN index page.

nvd логотип

CVE-2016-3065

CVSS3: 9.1
nvd
больше 9 лет назад

The (1) brin_page_type and (2) brin_metapage_info functions in the pageinspect extension in PostgreSQL before 9.5.x before 9.5.2 allows attackers to bypass intended access restrictions and consequently obtain sensitive server memory information or cause a denial of service (server crash) via a crafted bytea value in a BRIN index page.

debian логотип

CVE-2016-3065

CVSS3: 9.1
debian
больше 9 лет назад

The (1) brin_page_type and (2) brin_metapage_info functions in the pag ...

github логотип

GHSA-8v7w-4wg8-q7v4

CVSS3: 9.1
github
около 3 лет назад

The (1) brin_page_type and (2) brin_metapage_info functions in the pageinspect extension in PostgreSQL before 9.5.x before 9.5.2 allows attackers to bypass intended access restrictions and consequently obtain sensitive server memory information or cause a denial of service (server crash) via a crafted bytea value in a BRIN index page.

EPSS

Процентиль: 77%
0.0112
Низкий

4.9 Medium

CVSS2