Lucene search

K
nvd[email protected]NVD:CVE-2010-4015
HistoryFeb 02, 2011 - 1:00 a.m.

CVE-2010-4015

2011-02-0201:00:03
CWE-189
web.nvd.nist.gov

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.019

Percentile

88.5%

Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions.

Affected configurations

NVD
Node
postgresqlpostgresqlMatch8.3
OR
postgresqlpostgresqlMatch8.3.1
OR
postgresqlpostgresqlMatch8.3.2
OR
postgresqlpostgresqlMatch8.3.3
OR
postgresqlpostgresqlMatch8.3.4
OR
postgresqlpostgresqlMatch8.3.5
OR
postgresqlpostgresqlMatch8.3.6
OR
postgresqlpostgresqlMatch8.3.7
OR
postgresqlpostgresqlMatch8.3.8
OR
postgresqlpostgresqlMatch8.3.9
OR
postgresqlpostgresqlMatch8.3.10
OR
postgresqlpostgresqlMatch8.3.11
OR
postgresqlpostgresqlMatch8.3.12
OR
postgresqlpostgresqlMatch8.3.13
Node
postgresqlpostgresqlMatch9.0
OR
postgresqlpostgresqlMatch9.0.1
OR
postgresqlpostgresqlMatch9.0.2
Node
postgresqlpostgresqlMatch8.4
OR
postgresqlpostgresqlMatch8.4.1
OR
postgresqlpostgresqlMatch8.4.2
OR
postgresqlpostgresqlMatch8.4.3
OR
postgresqlpostgresqlMatch8.4.4
OR
postgresqlpostgresqlMatch8.4.5
OR
postgresqlpostgresqlMatch8.4.6
Node
postgresqlpostgresqlMatch8.2
OR
postgresqlpostgresqlMatch8.2.1
OR
postgresqlpostgresqlMatch8.2.2
OR
postgresqlpostgresqlMatch8.2.3
OR
postgresqlpostgresqlMatch8.2.4
OR
postgresqlpostgresqlMatch8.2.5
OR
postgresqlpostgresqlMatch8.2.6
OR
postgresqlpostgresqlMatch8.2.7
OR
postgresqlpostgresqlMatch8.2.8
OR
postgresqlpostgresqlMatch8.2.9
OR
postgresqlpostgresqlMatch8.2.10
OR
postgresqlpostgresqlMatch8.2.11
OR
postgresqlpostgresqlMatch8.2.12
OR
postgresqlpostgresqlMatch8.2.13
OR
postgresqlpostgresqlMatch8.2.14
OR
postgresqlpostgresqlMatch8.2.15
OR
postgresqlpostgresqlMatch8.2.16
OR
postgresqlpostgresqlMatch8.2.17
OR
postgresqlpostgresqlMatch8.2.18
OR
postgresqlpostgresqlMatch8.2.19

References

CVSS2

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.019

Percentile

88.5%