fkie_nvd - fkie_cve-2007-4769

fkie_cve-2007-4769

Vulnerability from fkie_nvd

Published

2008-01-09 21:46

Modified

2025-04-09 00:30

Severity ?

Summary

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.

References

URL	Tags
cve@mitre.org	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
cve@mitre.org	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
cve@mitre.org	http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
cve@mitre.org	http://secunia.com/advisories/28359	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28376	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28437	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28438	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28454	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28455	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28464	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28477
cve@mitre.org	http://secunia.com/advisories/28479	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28679	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/28698	Vendor Advisory
cve@mitre.org	http://secunia.com/advisories/29638	Vendor Advisory
cve@mitre.org	http://security.gentoo.org/glsa/glsa-200801-15.xml
cve@mitre.org	http://securitytracker.com/id?1019157
cve@mitre.org	http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894
cve@mitre.org	http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1
cve@mitre.org	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1
cve@mitre.org	http://www.debian.org/security/2008/dsa-1460
cve@mitre.org	http://www.debian.org/security/2008/dsa-1463
cve@mitre.org	http://www.mandriva.com/security/advisories?name=MDVSA-2008:004
cve@mitre.org	http://www.postgresql.org/about/news.905
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2008-0038.html
cve@mitre.org	http://www.redhat.com/support/errata/RHSA-2008-0040.html
cve@mitre.org	http://www.securityfocus.com/archive/1/485864/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/archive/1/486407/100/0/threaded
cve@mitre.org	http://www.securityfocus.com/bid/27163	Patch
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0061	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2008/0109	Vendor Advisory
cve@mitre.org	http://www.vupen.com/english/advisories/2008/1071/references
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/39499
cve@mitre.org	https://issues.rpath.com/browse/RPL-1768
cve@mitre.org	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9804
cve@mitre.org	https://usn.ubuntu.com/568-1/
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html
cve@mitre.org	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
af854a3a-2127-422b-91ae-364da2661108	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28359	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28376	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28437	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28438	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28454	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28455	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28464	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28477
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28479	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28679	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28698	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/29638	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://security.gentoo.org/glsa/glsa-200801-15.xml
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1019157
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894
af854a3a-2127-422b-91ae-364da2661108	http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1
af854a3a-2127-422b-91ae-364da2661108	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1460
af854a3a-2127-422b-91ae-364da2661108	http://www.debian.org/security/2008/dsa-1463
af854a3a-2127-422b-91ae-364da2661108	http://www.mandriva.com/security/advisories?name=MDVSA-2008:004
af854a3a-2127-422b-91ae-364da2661108	http://www.postgresql.org/about/news.905
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2008-0038.html
af854a3a-2127-422b-91ae-364da2661108	http://www.redhat.com/support/errata/RHSA-2008-0040.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/485864/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/archive/1/486407/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/27163	Patch
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0061	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0109	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/1071/references
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/39499
af854a3a-2127-422b-91ae-364da2661108	https://issues.rpath.com/browse/RPL-1768
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9804
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/568-1/
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html
af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html

Impacted products

Vendor	Product	Version
postgresql	postgresql	7.3
postgresql	postgresql	7.3.1
postgresql	postgresql	7.3.2
postgresql	postgresql	7.3.3
postgresql	postgresql	7.3.4
postgresql	postgresql	7.3.6
postgresql	postgresql	7.3.8
postgresql	postgresql	7.3.9
postgresql	postgresql	7.3.10
postgresql	postgresql	7.3.11
postgresql	postgresql	7.3.12
postgresql	postgresql	7.3.13
postgresql	postgresql	7.3.14
postgresql	postgresql	7.3.15
postgresql	postgresql	7.3.16
postgresql	postgresql	7.3.19
postgresql	postgresql	7.4
postgresql	postgresql	7.4.1
postgresql	postgresql	7.4.2
postgresql	postgresql	7.4.3
postgresql	postgresql	7.4.4
postgresql	postgresql	7.4.5
postgresql	postgresql	7.4.6
postgresql	postgresql	7.4.7
postgresql	postgresql	7.4.8
postgresql	postgresql	7.4.9
postgresql	postgresql	7.4.10
postgresql	postgresql	7.4.11
postgresql	postgresql	7.4.12
postgresql	postgresql	7.4.13
postgresql	postgresql	7.4.14
postgresql	postgresql	7.4.16
postgresql	postgresql	7.4.17
postgresql	postgresql	8.0
postgresql	postgresql	8.0.1
postgresql	postgresql	8.0.2
postgresql	postgresql	8.0.3
postgresql	postgresql	8.0.4
postgresql	postgresql	8.0.5
postgresql	postgresql	8.0.7
postgresql	postgresql	8.0.8
postgresql	postgresql	8.0.9
postgresql	postgresql	8.0.11
postgresql	postgresql	8.0.13
postgresql	postgresql	8.0.317
postgresql	postgresql	8.1.1
postgresql	postgresql	8.1.3
postgresql	postgresql	8.1.4
postgresql	postgresql	8.1.5
postgresql	postgresql	8.1.7
postgresql	postgresql	8.1.8
postgresql	postgresql	8.1.9
postgresql	postgresql	8.2
postgresql	postgresql	8.2.2
postgresql	postgresql	8.2.3
postgresql	postgresql	8.2.4
tcl_tk	tcl_tk	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4064A96D-84D5-4257-9981-1139CD4CD08C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C98290E4-2919-4492-BD14-BB24BA85C729",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B56E9F72-6CBF-4784-89CD-435A030AC0B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6DEF0FE5-EFCF-448E-B6BD-95FDDD4E17FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "03B480F0-8FFC-4463-ADC6-95906751811C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "629881D2-2A6D-4461-8C35-6EE575B63E6E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5A19EB5-A1AF-4293-854D-347CD21065DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "B18ED293-B408-435F-9D1F-2365A2E51022",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7106B29-76F3-43FD-BF57-4693D5B55076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "16B804CD-AE47-4B46-9B37-7F46D4C9A332",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "D23E89A3-551D-42E2-90EC-59A9DAB4F854",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FC46594-100B-459F-BCB7-1FA9D0719D76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "AECD278B-55A7-4BCC-8AF1-004F02A96BD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "95DB94EF-32AE-4DD9-A9A4-4F7D4BE5F1AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE0ED225-91C8-4FA6-9E33-A1D1AA99AA9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.19:*:*:*:*:*:*:*",
              "matchCriteriaId": "99679F07-ED44-47EE-AD51-3139F30B88DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "FBE2567C-BF48-4255-9E56-590A6F9DD932",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0C8DDD98-9A2D-402D-9172-F3C4C4C97FEF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "20C8302B-631A-4DF7-839B-C6F3CC39E000",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FB318EB9-1B49-452A-92CF-89D9BA990AB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5913A53B-7B72-4CBD-ADAE-318333EB8B7B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "815E58C0-327D-4F14-B496-05FC8179627E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "3EF2D056-5120-4F98-8343-4EC31F962CFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "516E0E86-3D8A-43F9-9DD5-865F5C889FC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "5A7A9D3C-4BB6-4974-BF96-6E6728196F4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "486EDE1B-37E0-4DDF-BFC9-C8C8945D5E2A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7FC7F18-B227-4C46-9A33-FB34DDE456CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCDB903F-0C89-4E65-857E-553CF9C192E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6BF8B1E-68F7-4F27-AD1F-FA02B256BDAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD0DEB63-CA70-44C1-9491-E0790D1A8E21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA8E73E5-BA41-4FA2-8457-803A97FB00C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.16:*:*:*:*:*:*:*",
              "matchCriteriaId": "4975D8ED-7DCB-430F-98E1-DB165D6DA7E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "CCBF8CDE-5E75-4DF8-AE1A-B7377953917A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "94222D76-82BE-4FFB-BE4B-5DBAF3080D4D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "91D1232E-4D0A-4BDC-99F6-25AEE014E9AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "105E9F52-D17E-4A0B-9C46-FD32A930B1E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0DE2055D-AAA4-4A6A-918F-349A9749AF09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "C12409B2-161B-4F78-B7AD-3CF69DDCC574",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD2F1DA4-6625-469D-988B-5457B68851A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2E26D52-D95A-4547-BE6E-4F142F54A624",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AAB2D1D-BE61-4D7C-B305-58B4F4126620",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A5F8D8B-34C5-4EBC-BB20-4D11191238B5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "EEE16023-9A5E-46D5-B597-E6885C224786",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "BCF2794E-6B48-496B-B6CA-CDC7FC2160CA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.317:*:*:*:*:*:*:*",
              "matchCriteriaId": "C8E78663-EBEA-4C00-9CD0-2115676C86E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEEC35A2-B17C-46EC-8697-9E03568339BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6B52D093-7867-4FE8-B055-D8190103A1E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF1A06EE-26BD-4CDA-AEB9-01124FC37E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF855730-C61C-4FDC-96CB-57775A903421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "992C3EC0-4C12-4FB0-8844-9EFB91DA95E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E3EBF1D-D5BD-4A22-B76A-2BAB21534E70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "02DC4E8A-A728-4734-B67A-C58C37DA90C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7213327F-6909-43A7-952E-11600C28D4E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D9F645F3-9767-4FD8-94EB-1096DF24E6C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C342A823-EF6F-4557-9F9E-D8893EA4C2BA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:postgresql:postgresql:8.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B85A443F-0802-412F-9AEE-3525311C93D4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A797831-3F58-45FD-86F7-5B0A9AA038DB",
              "versionEndIncluding": "8.4.16",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number."
    },
    {
      "lang": "es",
      "value": "El analizador de expresiones regulares en TCL versiones anteriores a 8.4.17, como es usado en PostgreSQL versiones 8.2 anteriores a 8.2.6,versiones 8.1 anteriores a 8.1.11, versiones 8.0 anteriores a 8.0.15 y versiones 7.4 anteriores a 7.4.19, permite a usuarios autenticados remotos causar una denegaci\u00f3n de servicio (bloqueo del backend) por medio de un n\u00famero backref fuera de l\u00edmites."
    }
  ],
  "id": "CVE-2007-4769",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 6.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-01-09T21:46:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28359"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28376"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28437"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28438"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28454"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28455"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28464"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/28477"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28479"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28679"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28698"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29638"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200801-15.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1019157"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2008/dsa-1460"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2008/dsa-1463"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.postgresql.org/about/news.905"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/27163"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0061"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0109"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2008/1071/references"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39499"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://issues.rpath.com/browse/RPL-1768"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9804"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://usn.ubuntu.com/568-1/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28359"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28376"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28437"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28438"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28455"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28464"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/28477"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28479"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28679"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28698"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/29638"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200801-15.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1019157"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1460"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2008/dsa-1463"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.postgresql.org/about/news.905"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/27163"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0061"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0109"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/1071/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39499"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://issues.rpath.com/browse/RPL-1768"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9804"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/568-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-189"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2007-4769 (GCVE-0-2007-4769)

Vulnerability from cvelistv5

Published

2008-01-09 21:00