mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 01:02:25 +00:00
292 lines
8.0 KiB
JSON
292 lines
8.0 KiB
JSON
{
|
|
"id": "CVE-2007-0555",
|
|
"sourceIdentifier": "cve@mitre.org",
|
|
"published": "2007-02-06T01:28:00.000",
|
|
"lastModified": "2023-01-19T20:10:00.510",
|
|
"vulnStatus": "Analyzed",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 allows attackers to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a denial of service (server crash) and possibly access database content."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "PostgreSQL 7.3 anterior a 7.3.13, 7.4 anterior a 7.4.16, 8.0 anterior a 8.0.11, 8.1 anterior a 8.1.7, y 8.2 anterior a 8.2.2 permite a los atacantes desactivar determinadas comprobaciones de los tipos de datos de los argumentos de funciones SQL, lo cual permite a usuarios autenticados remotamente provocar una denegaci\u00f3n de servicio (ca\u00edda del servidor) y posiblemente acceder a contenido de la base de datos."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:C",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "SINGLE",
|
|
"confidentialityImpact": "COMPLETE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "COMPLETE",
|
|
"baseScore": 8.5
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 8.0,
|
|
"impactScore": 9.2,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "7.3",
|
|
"versionEndExcluding": "7.3.18",
|
|
"matchCriteriaId": "74C80C9C-E694-411A-8FFA-37086DA93E98"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "7.4",
|
|
"versionEndExcluding": "7.4.16",
|
|
"matchCriteriaId": "4222C601-5A7B-4271-BB7E-60C6AB0A44F0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "8.0",
|
|
"versionEndExcluding": "8.0.11",
|
|
"matchCriteriaId": "3126BF80-DE85-4528-929B-BF5AE975D34F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "8.1",
|
|
"versionEndExcluding": "8.1.7",
|
|
"matchCriteriaId": "6245E857-5D6D-48BC-ACD0-F9E7640DDBE8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "8.2",
|
|
"versionEndExcluding": "8.2.2",
|
|
"matchCriteriaId": "4291E43E-C563-4994-A769-A7D94F4186CC"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://fedoranews.org/cms/node/2554",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://lists.rpath.com/pipermail/security-announce/2007-February/000141.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Broken Link"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://security.gentoo.org/glsa/glsa-200703-15.xml",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://securitytracker.com/id?1017597",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102825-1",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Broken Link"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.debian.org/security/2007/dsa-1261",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:037",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Broken Link"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.postgresql.org/support/security",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Vendor Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.redhat.com/support/errata/RHSA-2007-0064.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.redhat.com/support/errata/RHSA-2007-0067.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.redhat.com/support/errata/RHSA-2007-0068.html",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/459280/100/0/threaded",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/459448/100/0/threaded",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/22387",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.trustix.org/errata/2007/0007",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Broken Link"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.ubuntu.com/usn/usn-417-2",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2007/0478",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2007/0774",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32195",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://issues.rpath.com/browse/RPL-1025",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Broken Link"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://issues.rpath.com/browse/RPL-830",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Broken Link"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9739",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://usn.ubuntu.com/417-1/",
|
|
"source": "cve@mitre.org",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
}
|
|
]
|
|
} |