Lucene search

[email protected]NVD:CVE-2012-2655

HistoryJul 18, 2012 - 11:55 p.m.

CVE-2012-2655

2012-07-1823:55:01

CWE-399

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

6.1

Confidence

High

EPSS

0.012

Percentile

85.3%

JSON

PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural language’s call handler.

Affected configurations

NVD

Node

postgresqlpostgresqlMatch8.3

postgresqlpostgresqlMatch8.3.1

postgresqlpostgresqlMatch8.3.2

postgresqlpostgresqlMatch8.3.3

postgresqlpostgresqlMatch8.3.4

postgresqlpostgresqlMatch8.3.5

postgresqlpostgresqlMatch8.3.6

postgresqlpostgresqlMatch8.3.7

postgresqlpostgresqlMatch8.3.8

postgresqlpostgresqlMatch8.3.9

postgresqlpostgresqlMatch8.3.10

postgresqlpostgresqlMatch8.3.11

postgresqlpostgresqlMatch8.3.12

postgresqlpostgresqlMatch8.3.13

postgresqlpostgresqlMatch8.3.14

postgresqlpostgresqlMatch8.3.15

postgresqlpostgresqlMatch8.3.16

postgresqlpostgresqlMatch8.3.17

postgresqlpostgresqlMatch8.3.18

Node

postgresqlpostgresqlMatch8.4

postgresqlpostgresqlMatch8.4.1

postgresqlpostgresqlMatch8.4.2

postgresqlpostgresqlMatch8.4.3

postgresqlpostgresqlMatch8.4.4

postgresqlpostgresqlMatch8.4.5

postgresqlpostgresqlMatch8.4.6

postgresqlpostgresqlMatch8.4.7

postgresqlpostgresqlMatch8.4.8

postgresqlpostgresqlMatch8.4.9

postgresqlpostgresqlMatch8.4.10

postgresqlpostgresqlMatch8.4.11

Node

postgresqlpostgresqlMatch9.0

postgresqlpostgresqlMatch9.0.1

postgresqlpostgresqlMatch9.0.2

postgresqlpostgresqlMatch9.0.3

postgresqlpostgresqlMatch9.0.4

postgresqlpostgresqlMatch9.0.5

postgresqlpostgresqlMatch9.0.6

postgresqlpostgresqlMatch9.0.7

Node

postgresqlpostgresqlMatch9.1

postgresqlpostgresqlMatch9.1.1

postgresqlpostgresqlMatch9.1.2

postgresqlpostgresqlMatch9.1.3

References

lists.fedoraproject.org/pipermail/package-announce/2012-June/082258.html

lists.fedoraproject.org/pipermail/package-announce/2012-June/082292.html

lists.fedoraproject.org/pipermail/package-announce/2012-June/082294.html

lists.opensuse.org/opensuse-updates/2012-09/msg00102.html

lists.opensuse.org/opensuse-updates/2012-10/msg00013.html

lists.opensuse.org/opensuse-updates/2012-10/msg00024.html

rhn.redhat.com/errata/RHSA-2012-1037.html

secunia.com/advisories/50718

www.debian.org/security/2012/dsa-2491

www.mandriva.com/security/advisories?name=MDVSA-2012:092

www.postgresql.org/about/news/1398/

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

6.1

Confidence

High

EPSS

0.012

Percentile

85.3%

JSON

Related for NVD:CVE-2012-2655

cve1 ubuntucve1 seebug1 cvelist1 postgresql1 prion1 securityvulns2 openvas32 veracode1 nessus21 debian1 ubuntu1 fedora7 amazon1 centos1 redhat1 osv1 oraclelinux1 gentoo1