CVE-2005-1409
6.1 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
75.5%
PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the “Character conversion vulnerability.”
References
archives.postgresql.org/pgsql-announce/2005-05/msg00001.php
www.novell.com/linux/security/advisories/2005_36_sudo.html
www.postgresql.org/about/news.315
www.redhat.com/support/errata/RHSA-2005-433.html
www.securityfocus.com/archive/1/426302/30/6680/threaded
www.securityfocus.com/bid/13476
www.vupen.com/english/advisories/2005/0453
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10050
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A676
Related
6.1 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.005 Low
EPSS
Percentile
75.5%