CVE-2007-0555
Published Feb 6, 2007
Last updated 2 years ago
Overview
- Description
- PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 allows attackers to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a denial of service (server crash) and possibly access database content.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 8.5
- Impact score
- 9.2
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:C/I:N/A:C
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74C80C9C-E694-411A-8FFA-37086DA93E98",
"versionEndExcluding": "7.3.18",
"versionStartIncluding": "7.3"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4222C601-5A7B-4271-BB7E-60C6AB0A44F0",
"versionEndExcluding": "7.4.16",
"versionStartIncluding": "7.4"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3126BF80-DE85-4528-929B-BF5AE975D34F",
"versionEndExcluding": "8.0.11",
"versionStartIncluding": "8.0"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6245E857-5D6D-48BC-ACD0-F9E7640DDBE8",
"versionEndExcluding": "8.1.7",
"versionStartIncluding": "8.1"
},
{
"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4291E43E-C563-4994-A769-A7D94F4186CC",
"versionEndExcluding": "8.2.2",
"versionStartIncluding": "8.2"
}
],
"operator": "OR"
}
]
}
]