3.5 Low
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:S/C:N/I:N/A:P
0.04 Low
EPSS
Percentile
92.1%
Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and
earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to
cause a denial of service (daemon crash) via a SELECT statement with many
LEFT JOIN clauses, related to certain hashtable size calculations.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | postgresql-8.1 | <ย 8.1.19-0ubuntu0.6.06 | UNKNOWN |
ubuntu | 8.04 | noarch | postgresql-8.3 | <ย 8.3.9-0ubuntu8.04 | UNKNOWN |
ubuntu | 8.10 | noarch | postgresql-8.3 | <ย 8.3.9-0ubuntu8.10 | UNKNOWN |
ubuntu | 9.04 | noarch | postgresql-8.3 | <ย 8.3.9-0ubuntu9.04 | UNKNOWN |
ubuntu | 9.10 | noarch | postgresql-8.4 | <ย 8.4.2-0ubuntu9.10 | UNKNOWN |
ubuntu | 10.04 | noarch | postgresql-8.4 | <ย 8.4.3-1 | UNKNOWN |
ubuntu | 10.10 | noarch | postgresql-8.4 | <ย 8.4.3-1 | UNKNOWN |
ubuntu | 11.04 | noarch | postgresql-8.4 | <ย 8.4.3-1 | UNKNOWN |
ubuntu | 11.10 | noarch | postgresql-8.4 | <ย 8.4.3-1 | UNKNOWN |