Lucene search

[email protected]NVD:CVE-2006-2313

HistoryMay 24, 2006 - 10:06 a.m.

CVE-2006-2313

2006-05-2410:06:00

[email protected]

web.nvd.nist.gov

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.6%

JSON

PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of “Encoding-Based SQL Injection.”

Affected configurations

NVD

Node

postgresqlpostgresqlMatch7.3

postgresqlpostgresqlMatch7.3.1

postgresqlpostgresqlMatch7.3.2

postgresqlpostgresqlMatch7.3.3

postgresqlpostgresqlMatch7.3.4

postgresqlpostgresqlMatch7.3.5

postgresqlpostgresqlMatch7.3.6

postgresqlpostgresqlMatch7.3.7

postgresqlpostgresqlMatch7.3.8

postgresqlpostgresqlMatch7.3.9

postgresqlpostgresqlMatch7.3.10

postgresqlpostgresqlMatch7.3.11

postgresqlpostgresqlMatch7.3.12

postgresqlpostgresqlMatch7.3.13

postgresqlpostgresqlMatch7.3.14

postgresqlpostgresqlMatch7.4

postgresqlpostgresqlMatch7.4.1

postgresqlpostgresqlMatch7.4.2

postgresqlpostgresqlMatch7.4.3

postgresqlpostgresqlMatch7.4.4

postgresqlpostgresqlMatch7.4.5

postgresqlpostgresqlMatch7.4.6

postgresqlpostgresqlMatch7.4.7

postgresqlpostgresqlMatch7.4.8

postgresqlpostgresqlMatch7.4.9

postgresqlpostgresqlMatch7.4.10

postgresqlpostgresqlMatch7.4.11

postgresqlpostgresqlMatch7.4.12

postgresqlpostgresqlMatch8.0

postgresqlpostgresqlMatch8.0.1

postgresqlpostgresqlMatch8.0.2

postgresqlpostgresqlMatch8.0.3

postgresqlpostgresqlMatch8.0.4

postgresqlpostgresqlMatch8.0.5

postgresqlpostgresqlMatch8.0.6

postgresqlpostgresqlMatch8.0.7

postgresqlpostgresqlMatch8.1

postgresqlpostgresqlMatch8.1.1

postgresqlpostgresqlMatch8.1.2

postgresqlpostgresqlMatch8.1.3

References

ftp://patches.sgi.com/support/free/security/advisories/20060602-01-U.asc

archives.postgresql.org/pgsql-announce/2006-05/msg00010.php

lists.suse.com/archive/suse-security-announce/2006-Jun/0002.html

secunia.com/advisories/20231

secunia.com/advisories/20232

secunia.com/advisories/20314

secunia.com/advisories/20435

secunia.com/advisories/20451

secunia.com/advisories/20503

secunia.com/advisories/20555

secunia.com/advisories/20653

secunia.com/advisories/20782

secunia.com/advisories/21001

security.gentoo.org/glsa/glsa-200607-04.xml

securitytracker.com/id?1016142

support.avaya.com/elmodocs2/security/ASA-2006-113.htm

www.debian.org/security/2006/dsa-1087

www.mandriva.com/security/advisories?name=MDKSA-2006:098

www.postgresql.org/docs/techdocs.50

www.redhat.com/support/errata/RHSA-2006-0526.html

www.securityfocus.com/archive/1/435038/100/0/threaded

www.securityfocus.com/archive/1/435161/100/0/threaded

www.securityfocus.com/bid/18092

www.trustix.org/errata/2006/0032/

www.ubuntu.com/usn/usn-288-2

www.vupen.com/english/advisories/2006/1941

exchange.xforce.ibmcloud.com/vulnerabilities/26627

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10618

usn.ubuntu.com/288-1/

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.1 High

AI Score

Confidence

Low

0.016 Low

EPSS

Percentile

87.6%

JSON

Related for NVD:CVE-2006-2313

postgresql1 cvelist2 prion2 ubuntucve1 cve2 nessus15 openvas10 ubuntu3 securityvulns2 osv1 gentoo1 fedora1 freebsd1 debian1 suse1 centos1 nvd1 redhat1