csaf_suse - suse-su-2016:0539-1

suse-su-2016:0539-1

Vulnerability from csaf_suse

Published

2016-02-22 10:07

Modified

2016-02-22 10:07

Summary

Security update for postgresql93

Notes

Title of the patch

Security update for postgresql93

Description of the patch

This update for postgresql93 fixes the following issues: - Security and bugfix release 9.3.11: * Fix infinite loops and buffer-overrun problems in regular expressions (CVE-2016-0773, bsc#966436). * Fix regular-expression compiler to handle loops of constraint arcs (CVE-2007-4772). * Prevent certain PL/Java parameters from being set by non-superusers (CVE-2016-0766, bsc#966435). * Fix many issues in pg_dump with specific object types * Prevent over-eager pushdown of HAVING clauses for GROUPING SETS * Fix deparsing error with ON CONFLICT ... WHERE clauses * Fix tableoid errors for postgres_fdw * Prevent floating-point exceptions in pgbench * Make \det search Foreign Table names consistently * Fix quoting of domain constraint names in pg_dump * Prevent putting expanded objects into Const nodes * Allow compile of PL/Java on Windows * Fix 'unresolved symbol' errors in PL/Python execution * Allow Python2 and Python3 to be used in the same database * Add support for Python 3.5 in PL/Python * Fix issue with subdirectory creation during initdb * Make pg_ctl report status correctly on Windows * Suppress confusing error when using pg_receivexlog with older servers * Multiple documentation corrections and additions * Fix erroneous hash calculations in gin_extract_jsonb_path() - For the full release notse, see: http://www.postgresql.org/docs/9.3/static/release-9-3-11.html

Patchnames

SUSE-SLE-DESKTOP-12-2016-292,SUSE-SLE-SDK-12-2016-292,SUSE-SLE-SERVER-12-2016-292

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for postgresql93",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for postgresql93 fixes the following issues: \n\n- Security and bugfix release 9.3.11:\n  * Fix infinite loops and buffer-overrun problems in regular\n    expressions (CVE-2016-0773, bsc#966436).\n  * Fix regular-expression compiler to handle loops of constraint\n    arcs (CVE-2007-4772).\n  * Prevent certain PL/Java parameters from being set by\n    non-superusers (CVE-2016-0766, bsc#966435).\n  * Fix many issues in pg_dump with specific object types\n  * Prevent over-eager pushdown of HAVING clauses for\n    GROUPING SETS\n  * Fix deparsing error with ON CONFLICT ... WHERE clauses\n  * Fix tableoid errors for postgres_fdw\n  * Prevent floating-point exceptions in pgbench\n  * Make \\det search Foreign Table names consistently\n  * Fix quoting of domain constraint names in pg_dump\n  * Prevent putting expanded objects into Const nodes\n  * Allow compile of PL/Java on Windows\n  * Fix \u0027unresolved symbol\u0027 errors in PL/Python execution\n  * Allow Python2 and Python3 to be used in the same database\n  * Add support for Python 3.5 in PL/Python\n  * Fix issue with subdirectory creation during initdb\n  * Make pg_ctl report status correctly on Windows\n  * Suppress confusing error when using pg_receivexlog with older\n    servers\n  * Multiple documentation corrections and additions\n  * Fix erroneous hash calculations in gin_extract_jsonb_path()\n- For the full release notse, see:\n  http://www.postgresql.org/docs/9.3/static/release-9-3-11.html\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SLE-DESKTOP-12-2016-292,SUSE-SLE-SDK-12-2016-292,SUSE-SLE-SERVER-12-2016-292",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2016_0539-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2016:0539-1",
        "url": "https://www.suse.com/support/update/announcement/2016/suse-su-20160539-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2016:0539-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2016-February/001888.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 966435",
        "url": "https://bugzilla.suse.com/966435"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 966436",
        "url": "https://bugzilla.suse.com/966436"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2007-4772 page",
        "url": "https://www.suse.com/security/cve/CVE-2007-4772/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-0766 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-0766/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2016-0773 page",
        "url": "https://www.suse.com/security/cve/CVE-2016-0773/"
      }
    ],
    "title": "Security update for postgresql93",
    "tracking": {
      "current_release_date": "2016-02-22T10:07:15Z",
      "generator": {
        "date": "2016-02-22T10:07:15Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2016:0539-1",
      "initial_release_date": "2016-02-22T10:07:15Z",
      "revision_history": [
        {
          "date": "2016-02-22T10:07:15Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postgresql93-docs-9.3.11-14.2.noarch",
                "product": {
                  "name": "postgresql93-docs-9.3.11-14.2.noarch",
                  "product_id": "postgresql93-docs-9.3.11-14.2.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postgresql93-devel-9.3.11-14.1.ppc64le",
                "product": {
                  "name": "postgresql93-devel-9.3.11-14.1.ppc64le",
                  "product_id": "postgresql93-devel-9.3.11-14.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql93-9.3.11-14.2.ppc64le",
                "product": {
                  "name": "postgresql93-9.3.11-14.2.ppc64le",
                  "product_id": "postgresql93-9.3.11-14.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql93-contrib-9.3.11-14.2.ppc64le",
                "product": {
                  "name": "postgresql93-contrib-9.3.11-14.2.ppc64le",
                  "product_id": "postgresql93-contrib-9.3.11-14.2.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql93-server-9.3.11-14.2.ppc64le",
                "product": {
                  "name": "postgresql93-server-9.3.11-14.2.ppc64le",
                  "product_id": "postgresql93-server-9.3.11-14.2.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postgresql93-devel-9.3.11-14.1.s390x",
                "product": {
                  "name": "postgresql93-devel-9.3.11-14.1.s390x",
                  "product_id": "postgresql93-devel-9.3.11-14.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql93-9.3.11-14.2.s390x",
                "product": {
                  "name": "postgresql93-9.3.11-14.2.s390x",
                  "product_id": "postgresql93-9.3.11-14.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql93-contrib-9.3.11-14.2.s390x",
                "product": {
                  "name": "postgresql93-contrib-9.3.11-14.2.s390x",
                  "product_id": "postgresql93-contrib-9.3.11-14.2.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql93-server-9.3.11-14.2.s390x",
                "product": {
                  "name": "postgresql93-server-9.3.11-14.2.s390x",
                  "product_id": "postgresql93-server-9.3.11-14.2.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "postgresql93-9.3.11-14.2.x86_64",
                "product": {
                  "name": "postgresql93-9.3.11-14.2.x86_64",
                  "product_id": "postgresql93-9.3.11-14.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql93-devel-9.3.11-14.1.x86_64",
                "product": {
                  "name": "postgresql93-devel-9.3.11-14.1.x86_64",
                  "product_id": "postgresql93-devel-9.3.11-14.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql93-contrib-9.3.11-14.2.x86_64",
                "product": {
                  "name": "postgresql93-contrib-9.3.11-14.2.x86_64",
                  "product_id": "postgresql93-contrib-9.3.11-14.2.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "postgresql93-server-9.3.11-14.2.x86_64",
                "product": {
                  "name": "postgresql93-server-9.3.11-14.2.x86_64",
                  "product_id": "postgresql93-server-9.3.11-14.2.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Desktop 12",
                "product": {
                  "name": "SUSE Linux Enterprise Desktop 12",
                  "product_id": "SUSE Linux Enterprise Desktop 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sled:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Software Development Kit 12",
                "product": {
                  "name": "SUSE Linux Enterprise Software Development Kit 12",
                  "product_id": "SUSE Linux Enterprise Software Development Kit 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-sdk:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12",
                  "product_id": "SUSE Linux Enterprise Server 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:12"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-9.3.11-14.2.x86_64 as component of SUSE Linux Enterprise Desktop 12",
          "product_id": "SUSE Linux Enterprise Desktop 12:postgresql93-9.3.11-14.2.x86_64"
        },
        "product_reference": "postgresql93-9.3.11-14.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Desktop 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-devel-9.3.11-14.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.ppc64le"
        },
        "product_reference": "postgresql93-devel-9.3.11-14.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-devel-9.3.11-14.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.s390x"
        },
        "product_reference": "postgresql93-devel-9.3.11-14.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-devel-9.3.11-14.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12",
          "product_id": "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.x86_64"
        },
        "product_reference": "postgresql93-devel-9.3.11-14.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-9.3.11-14.2.ppc64le as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.ppc64le"
        },
        "product_reference": "postgresql93-9.3.11-14.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-9.3.11-14.2.s390x as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.s390x"
        },
        "product_reference": "postgresql93-9.3.11-14.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-9.3.11-14.2.x86_64 as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.x86_64"
        },
        "product_reference": "postgresql93-9.3.11-14.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-contrib-9.3.11-14.2.ppc64le as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.ppc64le"
        },
        "product_reference": "postgresql93-contrib-9.3.11-14.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-contrib-9.3.11-14.2.s390x as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.s390x"
        },
        "product_reference": "postgresql93-contrib-9.3.11-14.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-contrib-9.3.11-14.2.x86_64 as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.x86_64"
        },
        "product_reference": "postgresql93-contrib-9.3.11-14.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-docs-9.3.11-14.2.noarch as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.11-14.2.noarch"
        },
        "product_reference": "postgresql93-docs-9.3.11-14.2.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-server-9.3.11-14.2.ppc64le as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.ppc64le"
        },
        "product_reference": "postgresql93-server-9.3.11-14.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-server-9.3.11-14.2.s390x as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.s390x"
        },
        "product_reference": "postgresql93-server-9.3.11-14.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-server-9.3.11-14.2.x86_64 as component of SUSE Linux Enterprise Server 12",
          "product_id": "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.x86_64"
        },
        "product_reference": "postgresql93-server-9.3.11-14.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-9.3.11-14.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.ppc64le"
        },
        "product_reference": "postgresql93-9.3.11-14.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-9.3.11-14.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.s390x"
        },
        "product_reference": "postgresql93-9.3.11-14.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-9.3.11-14.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.x86_64"
        },
        "product_reference": "postgresql93-9.3.11-14.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-contrib-9.3.11-14.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.ppc64le"
        },
        "product_reference": "postgresql93-contrib-9.3.11-14.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-contrib-9.3.11-14.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.s390x"
        },
        "product_reference": "postgresql93-contrib-9.3.11-14.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-contrib-9.3.11-14.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.x86_64"
        },
        "product_reference": "postgresql93-contrib-9.3.11-14.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-docs-9.3.11-14.2.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.11-14.2.noarch"
        },
        "product_reference": "postgresql93-docs-9.3.11-14.2.noarch",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-server-9.3.11-14.2.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.ppc64le"
        },
        "product_reference": "postgresql93-server-9.3.11-14.2.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-server-9.3.11-14.2.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.s390x"
        },
        "product_reference": "postgresql93-server-9.3.11-14.2.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "postgresql93-server-9.3.11-14.2.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.x86_64"
        },
        "product_reference": "postgresql93-server-9.3.11-14.2.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2007-4772",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2007-4772"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12:postgresql93-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.11-14.2.noarch",
          "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.11-14.2.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2007-4772",
          "url": "https://www.suse.com/security/cve/CVE-2007-4772"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 329282 for CVE-2007-4772",
          "url": "https://bugzilla.suse.com/329282"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12:postgresql93-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.11-14.2.noarch",
            "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.11-14.2.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-22T10:07:15Z",
          "details": "important"
        }
      ],
      "title": "CVE-2007-4772"
    },
    {
      "cve": "CVE-2016-0766",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-0766"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12:postgresql93-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.11-14.2.noarch",
          "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.11-14.2.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-0766",
          "url": "https://www.suse.com/security/cve/CVE-2016-0766"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 966435 for CVE-2016-0766",
          "url": "https://bugzilla.suse.com/966435"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 966436 for CVE-2016-0766",
          "url": "https://bugzilla.suse.com/966436"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 978323 for CVE-2016-0766",
          "url": "https://bugzilla.suse.com/978323"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12:postgresql93-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.11-14.2.noarch",
            "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.11-14.2.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12:postgresql93-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.11-14.2.noarch",
            "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.11-14.2.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-22T10:07:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-0766"
    },
    {
      "cve": "CVE-2016-0773",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2016-0773"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Desktop 12:postgresql93-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.11-14.2.noarch",
          "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.11-14.2.noarch",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.x86_64",
          "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.ppc64le",
          "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.s390x",
          "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2016-0773",
          "url": "https://www.suse.com/security/cve/CVE-2016-0773"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 966435 for CVE-2016-0773",
          "url": "https://bugzilla.suse.com/966435"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 966436 for CVE-2016-0773",
          "url": "https://bugzilla.suse.com/966436"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 978323 for CVE-2016-0773",
          "url": "https://bugzilla.suse.com/978323"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 983246 for CVE-2016-0773",
          "url": "https://bugzilla.suse.com/983246"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 986409 for CVE-2016-0773",
          "url": "https://bugzilla.suse.com/986409"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Desktop 12:postgresql93-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.11-14.2.noarch",
            "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.11-14.2.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "products": [
            "SUSE Linux Enterprise Desktop 12:postgresql93-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server 12:postgresql93-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server 12:postgresql93-contrib-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server 12:postgresql93-docs-9.3.11-14.2.noarch",
            "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server 12:postgresql93-server-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-contrib-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-docs-9.3.11-14.2.noarch",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12:postgresql93-server-9.3.11-14.2.x86_64",
            "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.ppc64le",
            "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.s390x",
            "SUSE Linux Enterprise Software Development Kit 12:postgresql93-devel-9.3.11-14.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2016-02-22T10:07:15Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2016-0773"
    }
  ]
}

CVE-2016-0773 (GCVE-0-2016-0773)

Vulnerability from cvelistv5

Published

2016-02-17 15:00

Modified

2024-08-05 22:30

Severity ?

CWE

Summary

PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html	vendor-advisory, x_refsource_SUSE
	https://puppet.com/security/cve/CVE-2016-0773	x_refsource_CONFIRM
	http://www.postgresql.org/docs/current/static/release-9-3-11.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.postgresql.org/docs/current/static/release-9-2-15.html	x_refsource_CONFIRM
	https://kc.mcafee.com/corporate/index?page=content&id=SB10152	x_refsource_CONFIRM
	http://www.postgresql.org/docs/current/static/release-9-5-1.html	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201701-33	vendor-advisory, x_refsource_GENTOO
	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html	x_refsource_CONFIRM
	http://www.postgresql.org/about/news/1644/	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1035005	vdb-entry, x_refsource_SECTRACK
	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177878.html	vendor-advisory, x_refsource_FEDORA
	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177820.html	vendor-advisory, x_refsource_FEDORA
	http://rhn.redhat.com/errata/RHSA-2016-1060.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/83184	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html	vendor-advisory, x_refsource_SUSE
	http://www.postgresql.org/docs/current/static/release-9-4-6.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2894-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html	vendor-advisory, x_refsource_SUSE
	http://www.postgresql.org/docs/current/static/release-9-1-20.html	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3476	vendor-advisory, x_refsource_DEBIAN
	http://www.debian.org/security/2016/dsa-3475	vendor-advisory, x_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:30:04.273Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2016:0555",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://puppet.com/security/cve/CVE-2016-0773"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.postgresql.org/docs/current/static/release-9-3-11.html"
          },
          {
            "name": "SUSE-SU-2016:0677",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html"
          },
          {
            "name": "SUSE-SU-2016:0539",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.postgresql.org/docs/current/static/release-9-2-15.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10152"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.postgresql.org/docs/current/static/release-9-5-1.html"
          },
          {
            "name": "GLSA-201701-33",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201701-33"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.postgresql.org/about/news/1644/"
          },
          {
            "name": "1035005",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035005"
          },
          {
            "name": "FEDORA-2016-b0c2412ab2",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177878.html"
          },
          {
            "name": "FEDORA-2016-e0a6c9ebc4",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177820.html"
          },
          {
            "name": "RHSA-2016:1060",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2016-1060.html"
          },
          {
            "name": "83184",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/83184"
          },
          {
            "name": "openSUSE-SU-2016:0578",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.postgresql.org/docs/current/static/release-9-4-6.html"
          },
          {
            "name": "USN-2894-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2894-1"
          },
          {
            "name": "openSUSE-SU-2016:0531",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.postgresql.org/docs/current/static/release-9-1-20.html"
          },
          {
            "name": "DSA-3476",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3476"
          },
          {
            "name": "DSA-3475",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3475"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-02-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-08T10:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SUSE-SU-2016:0555",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://puppet.com/security/cve/CVE-2016-0773"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.postgresql.org/docs/current/static/release-9-3-11.html"
        },
        {
          "name": "SUSE-SU-2016:0677",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html"
        },
        {
          "name": "SUSE-SU-2016:0539",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.postgresql.org/docs/current/static/release-9-2-15.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10152"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.postgresql.org/docs/current/static/release-9-5-1.html"
        },
        {
          "name": "GLSA-201701-33",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201701-33"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.postgresql.org/about/news/1644/"
        },
        {
          "name": "1035005",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035005"
        },
        {
          "name": "FEDORA-2016-b0c2412ab2",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177878.html"
        },
        {
          "name": "FEDORA-2016-e0a6c9ebc4",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177820.html"
        },
        {
          "name": "RHSA-2016:1060",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2016-1060.html"
        },
        {
          "name": "83184",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/83184"
        },
        {
          "name": "openSUSE-SU-2016:0578",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.postgresql.org/docs/current/static/release-9-4-6.html"
        },
        {
          "name": "USN-2894-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2894-1"
        },
        {
          "name": "openSUSE-SU-2016:0531",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.postgresql.org/docs/current/static/release-9-1-20.html"
        },
        {
          "name": "DSA-3476",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3476"
        },
        {
          "name": "DSA-3475",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3475"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2016-0773",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 allows remote attackers to cause a denial of service (infinite loop or buffer overflow and crash) via a large Unicode character range in a regular expression."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2016:0555",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html"
            },
            {
              "name": "https://puppet.com/security/cve/CVE-2016-0773",
              "refsource": "CONFIRM",
              "url": "https://puppet.com/security/cve/CVE-2016-0773"
            },
            {
              "name": "http://www.postgresql.org/docs/current/static/release-9-3-11.html",
              "refsource": "CONFIRM",
              "url": "http://www.postgresql.org/docs/current/static/release-9-3-11.html"
            },
            {
              "name": "SUSE-SU-2016:0677",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html"
            },
            {
              "name": "SUSE-SU-2016:0539",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html"
            },
            {
              "name": "http://www.postgresql.org/docs/current/static/release-9-2-15.html",
              "refsource": "CONFIRM",
              "url": "http://www.postgresql.org/docs/current/static/release-9-2-15.html"
            },
            {
              "name": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10152",
              "refsource": "CONFIRM",
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10152"
            },
            {
              "name": "http://www.postgresql.org/docs/current/static/release-9-5-1.html",
              "refsource": "CONFIRM",
              "url": "http://www.postgresql.org/docs/current/static/release-9-5-1.html"
            },
            {
              "name": "GLSA-201701-33",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201701-33"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
            },
            {
              "name": "http://www.postgresql.org/about/news/1644/",
              "refsource": "CONFIRM",
              "url": "http://www.postgresql.org/about/news/1644/"
            },
            {
              "name": "1035005",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035005"
            },
            {
              "name": "FEDORA-2016-b0c2412ab2",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177878.html"
            },
            {
              "name": "FEDORA-2016-e0a6c9ebc4",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177820.html"
            },
            {
              "name": "RHSA-2016:1060",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2016-1060.html"
            },
            {
              "name": "83184",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/83184"
            },
            {
              "name": "openSUSE-SU-2016:0578",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html"
            },
            {
              "name": "http://www.postgresql.org/docs/current/static/release-9-4-6.html",
              "refsource": "CONFIRM",
              "url": "http://www.postgresql.org/docs/current/static/release-9-4-6.html"
            },
            {
              "name": "USN-2894-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2894-1"
            },
            {
              "name": "openSUSE-SU-2016:0531",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html"
            },
            {
              "name": "http://www.postgresql.org/docs/current/static/release-9-1-20.html",
              "refsource": "CONFIRM",
              "url": "http://www.postgresql.org/docs/current/static/release-9-1-20.html"
            },
            {
              "name": "DSA-3476",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3476"
            },
            {
              "name": "DSA-3475",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3475"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-0773",
    "datePublished": "2016-02-17T15:00:00",
    "dateReserved": "2015-12-16T00:00:00",
    "dateUpdated": "2024-08-05T22:30:04.273Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-4772 (GCVE-0-2007-4772)

Vulnerability from cvelistv5

Published

2008-01-09 21:00

Modified

2024-08-07 15:08

Severity ?

CWE

Summary

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://www.redhat.com/support/errata/RHSA-2008-0134.html	vendor-advisory, x_refsource_REDHAT
	http://www.mandriva.com/security/advisories?name=MDVSA-2008:004	vendor-advisory, x_refsource_MANDRIVA
	http://www.debian.org/security/2008/dsa-1460	vendor-advisory, x_refsource_DEBIAN
	http://www.vupen.com/english/advisories/2008/1744	vdb-entry, x_refsource_VUPEN
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2013-0122.html	vendor-advisory, x_refsource_REDHAT
	http://www.securityfocus.com/bid/27163	vdb-entry, x_refsource_BID
	https://issues.rpath.com/browse/RPL-1768	x_refsource_CONFIRM
	http://www.redhat.com/support/errata/RHSA-2008-0038.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/28454	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/archive/1/485864/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://secunia.com/advisories/28359	third-party-advisory, x_refsource_SECUNIA
	http://www.postgresql.org/about/news.905	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html	vendor-advisory, x_refsource_SUSE
	http://www.vupen.com/english/advisories/2008/0061	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/28679	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2008/0109	vdb-entry, x_refsource_VUPEN
	http://www.vmware.com/security/advisories/VMSA-2008-0009.html	x_refsource_CONFIRM
	http://secunia.com/advisories/28376	third-party-advisory, x_refsource_SECUNIA
	http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894	x_refsource_CONFIRM
	http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1	vendor-advisory, x_refsource_SUNALERT
	http://secunia.com/advisories/28437	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/28455	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/28477	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/29638	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/28479	third-party-advisory, x_refsource_SECUNIA
	http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894	x_refsource_CONFIRM
	http://secunia.com/advisories/29248	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/39497	vdb-entry, x_refsource_XF
	http://www.debian.org/security/2008/dsa-1463	vendor-advisory, x_refsource_DEBIAN
	http://www.redhat.com/support/errata/RHSA-2008-0040.html	vendor-advisory, x_refsource_REDHAT
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html	vendor-advisory, x_refsource_SUSE
	http://www.securityfocus.com/archive/1/486407/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	http://www.mandriva.com/security/advisories?name=MDVSA-2008:059	vendor-advisory, x_refsource_MANDRIVA
	http://secunia.com/advisories/28464	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/30535	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/28698	third-party-advisory, x_refsource_SECUNIA
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154	vendor-advisory, x_refsource_HP
	http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1	vendor-advisory, x_refsource_SUNALERT
	http://www.securityfocus.com/archive/1/493080/100/0/threaded	mailing-list, x_refsource_BUGTRAQ
	https://usn.ubuntu.com/568-1/	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html	vendor-advisory, x_refsource_SUSE
	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html	vendor-advisory, x_refsource_FEDORA
	http://secunia.com/advisories/29070	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/28438	third-party-advisory, x_refsource_SECUNIA
	http://securitytracker.com/id?1019157	vdb-entry, x_refsource_SECTRACK
	http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705	x_refsource_CONFIRM
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11569	vdb-entry, signature, x_refsource_OVAL
	https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html	vendor-advisory, x_refsource_FEDORA
	http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154	vendor-advisory, x_refsource_HP
	http://security.gentoo.org/glsa/glsa-200801-15.xml	vendor-advisory, x_refsource_GENTOO
	http://www.vupen.com/english/advisories/2008/1071/references	vdb-entry, x_refsource_VUPEN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:08:33.913Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2016:0555",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html"
          },
          {
            "name": "RHSA-2008:0134",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html"
          },
          {
            "name": "MDVSA-2008:004",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004"
          },
          {
            "name": "DSA-1460",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1460"
          },
          {
            "name": "ADV-2008-1744",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1744"
          },
          {
            "name": "SUSE-SU-2016:0677",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html"
          },
          {
            "name": "SUSE-SU-2016:0539",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html"
          },
          {
            "name": "RHSA-2013:0122",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2013-0122.html"
          },
          {
            "name": "27163",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/27163"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://issues.rpath.com/browse/RPL-1768"
          },
          {
            "name": "RHSA-2008:0038",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html"
          },
          {
            "name": "28454",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28454"
          },
          {
            "name": "20080107 PostgreSQL 2007-01-07 Cumulative Security Release",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded"
          },
          {
            "name": "28359",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28359"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.postgresql.org/about/news.905"
          },
          {
            "name": "SUSE-SA:2008:005",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html"
          },
          {
            "name": "ADV-2008-0061",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0061"
          },
          {
            "name": "28679",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28679"
          },
          {
            "name": "ADV-2008-0109",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0109"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
          },
          {
            "name": "28376",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28376"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894"
          },
          {
            "name": "103197",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1"
          },
          {
            "name": "28437",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28437"
          },
          {
            "name": "28455",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28455"
          },
          {
            "name": "28477",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28477"
          },
          {
            "name": "29638",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29638"
          },
          {
            "name": "28479",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28479"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894"
          },
          {
            "name": "29248",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29248"
          },
          {
            "name": "postgresql-regular-expression-dos(39497)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39497"
          },
          {
            "name": "DSA-1463",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2008/dsa-1463"
          },
          {
            "name": "RHSA-2008:0040",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html"
          },
          {
            "name": "openSUSE-SU-2016:0578",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html"
          },
          {
            "name": "20080115 rPSA-2008-0016-1 postgresql postgresql-server",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded"
          },
          {
            "name": "MDVSA-2008:059",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:059"
          },
          {
            "name": "28464",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28464"
          },
          {
            "name": "30535",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30535"
          },
          {
            "name": "28698",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28698"
          },
          {
            "name": "SSRT080006",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154"
          },
          {
            "name": "200559",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1"
          },
          {
            "name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
          },
          {
            "name": "USN-568-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/568-1/"
          },
          {
            "name": "openSUSE-SU-2016:0531",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html"
          },
          {
            "name": "FEDORA-2008-0552",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html"
          },
          {
            "name": "29070",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/29070"
          },
          {
            "name": "28438",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28438"
          },
          {
            "name": "1019157",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019157"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
          },
          {
            "name": "oval:org.mitre.oval:def:11569",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11569"
          },
          {
            "name": "FEDORA-2008-0478",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html"
          },
          {
            "name": "HPSBTU02325",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154"
          },
          {
            "name": "GLSA-200801-15",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200801-15.xml"
          },
          {
            "name": "ADV-2008-1071",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1071/references"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-01-06T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-15T20:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SU-2016:0555",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html"
        },
        {
          "name": "RHSA-2008:0134",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html"
        },
        {
          "name": "MDVSA-2008:004",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004"
        },
        {
          "name": "DSA-1460",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1460"
        },
        {
          "name": "ADV-2008-1744",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1744"
        },
        {
          "name": "SUSE-SU-2016:0677",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html"
        },
        {
          "name": "SUSE-SU-2016:0539",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html"
        },
        {
          "name": "RHSA-2013:0122",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2013-0122.html"
        },
        {
          "name": "27163",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/27163"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://issues.rpath.com/browse/RPL-1768"
        },
        {
          "name": "RHSA-2008:0038",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html"
        },
        {
          "name": "28454",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28454"
        },
        {
          "name": "20080107 PostgreSQL 2007-01-07 Cumulative Security Release",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded"
        },
        {
          "name": "28359",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28359"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.postgresql.org/about/news.905"
        },
        {
          "name": "SUSE-SA:2008:005",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html"
        },
        {
          "name": "ADV-2008-0061",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0061"
        },
        {
          "name": "28679",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28679"
        },
        {
          "name": "ADV-2008-0109",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0109"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
        },
        {
          "name": "28376",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28376"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894"
        },
        {
          "name": "103197",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1"
        },
        {
          "name": "28437",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28437"
        },
        {
          "name": "28455",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28455"
        },
        {
          "name": "28477",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28477"
        },
        {
          "name": "29638",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29638"
        },
        {
          "name": "28479",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28479"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894"
        },
        {
          "name": "29248",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29248"
        },
        {
          "name": "postgresql-regular-expression-dos(39497)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39497"
        },
        {
          "name": "DSA-1463",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2008/dsa-1463"
        },
        {
          "name": "RHSA-2008:0040",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html"
        },
        {
          "name": "openSUSE-SU-2016:0578",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html"
        },
        {
          "name": "20080115 rPSA-2008-0016-1 postgresql postgresql-server",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded"
        },
        {
          "name": "MDVSA-2008:059",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:059"
        },
        {
          "name": "28464",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28464"
        },
        {
          "name": "30535",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30535"
        },
        {
          "name": "28698",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28698"
        },
        {
          "name": "SSRT080006",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154"
        },
        {
          "name": "200559",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1"
        },
        {
          "name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
        },
        {
          "name": "USN-568-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/568-1/"
        },
        {
          "name": "openSUSE-SU-2016:0531",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html"
        },
        {
          "name": "FEDORA-2008-0552",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html"
        },
        {
          "name": "29070",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/29070"
        },
        {
          "name": "28438",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28438"
        },
        {
          "name": "1019157",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019157"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
        },
        {
          "name": "oval:org.mitre.oval:def:11569",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11569"
        },
        {
          "name": "FEDORA-2008-0478",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html"
        },
        {
          "name": "HPSBTU02325",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154"
        },
        {
          "name": "GLSA-200801-15",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200801-15.xml"
        },
        {
          "name": "ADV-2008-1071",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1071/references"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-4772",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2016:0555",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html"
            },
            {
              "name": "RHSA-2008:0134",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html"
            },
            {
              "name": "MDVSA-2008:004",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004"
            },
            {
              "name": "DSA-1460",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1460"
            },
            {
              "name": "ADV-2008-1744",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1744"
            },
            {
              "name": "SUSE-SU-2016:0677",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html"
            },
            {
              "name": "SUSE-SU-2016:0539",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html"
            },
            {
              "name": "RHSA-2013:0122",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2013-0122.html"
            },
            {
              "name": "27163",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/27163"
            },
            {
              "name": "https://issues.rpath.com/browse/RPL-1768",
              "refsource": "CONFIRM",
              "url": "https://issues.rpath.com/browse/RPL-1768"
            },
            {
              "name": "RHSA-2008:0038",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html"
            },
            {
              "name": "28454",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28454"
            },
            {
              "name": "20080107 PostgreSQL 2007-01-07 Cumulative Security Release",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded"
            },
            {
              "name": "28359",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28359"
            },
            {
              "name": "http://www.postgresql.org/about/news.905",
              "refsource": "CONFIRM",
              "url": "http://www.postgresql.org/about/news.905"
            },
            {
              "name": "SUSE-SA:2008:005",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html"
            },
            {
              "name": "ADV-2008-0061",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0061"
            },
            {
              "name": "28679",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28679"
            },
            {
              "name": "ADV-2008-0109",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0109"
            },
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html"
            },
            {
              "name": "28376",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28376"
            },
            {
              "name": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894",
              "refsource": "CONFIRM",
              "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894"
            },
            {
              "name": "103197",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1"
            },
            {
              "name": "28437",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28437"
            },
            {
              "name": "28455",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28455"
            },
            {
              "name": "28477",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28477"
            },
            {
              "name": "29638",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29638"
            },
            {
              "name": "28479",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28479"
            },
            {
              "name": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894",
              "refsource": "CONFIRM",
              "url": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894"
            },
            {
              "name": "29248",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29248"
            },
            {
              "name": "postgresql-regular-expression-dos(39497)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39497"
            },
            {
              "name": "DSA-1463",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2008/dsa-1463"
            },
            {
              "name": "RHSA-2008:0040",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html"
            },
            {
              "name": "openSUSE-SU-2016:0578",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html"
            },
            {
              "name": "20080115 rPSA-2008-0016-1 postgresql postgresql-server",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded"
            },
            {
              "name": "MDVSA-2008:059",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:059"
            },
            {
              "name": "28464",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28464"
            },
            {
              "name": "30535",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30535"
            },
            {
              "name": "28698",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28698"
            },
            {
              "name": "SSRT080006",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154"
            },
            {
              "name": "200559",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1"
            },
            {
              "name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded"
            },
            {
              "name": "USN-568-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/568-1/"
            },
            {
              "name": "openSUSE-SU-2016:0531",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html"
            },
            {
              "name": "FEDORA-2008-0552",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html"
            },
            {
              "name": "29070",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/29070"
            },
            {
              "name": "28438",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28438"
            },
            {
              "name": "1019157",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019157"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705"
            },
            {
              "name": "oval:org.mitre.oval:def:11569",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11569"
            },
            {
              "name": "FEDORA-2008-0478",
              "refsource": "FEDORA",
              "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html"
            },
            {
              "name": "HPSBTU02325",
              "refsource": "HP",
              "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154"
            },
            {
              "name": "GLSA-200801-15",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200801-15.xml"
            },
            {
              "name": "ADV-2008-1071",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1071/references"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-4772",
    "datePublished": "2008-01-09T21:00:00",
    "dateReserved": "2007-09-10T00:00:00",
    "dateUpdated": "2024-08-07T15:08:33.913Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2016-0766 (GCVE-0-2016-0766)

Vulnerability from cvelistv5

Published

2016-02-17 15:00

Modified

2024-08-05 22:30

Severity ?

CWE

Summary

PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors.

References

►

URL

Tags

	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html	vendor-advisory, x_refsource_SUSE
	http://www.postgresql.org/docs/current/static/release-9-3-11.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html	vendor-advisory, x_refsource_SUSE
	http://www.postgresql.org/docs/current/static/release-9-2-15.html	x_refsource_CONFIRM
	http://www.postgresql.org/docs/current/static/release-9-5-1.html	x_refsource_CONFIRM
	https://security.gentoo.org/glsa/201701-33	vendor-advisory, x_refsource_GENTOO
	http://www.postgresql.org/about/news/1644/	x_refsource_CONFIRM
	http://www.securitytracker.com/id/1035005	vdb-entry, x_refsource_SECTRACK
	http://www.securityfocus.com/bid/83184	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html	vendor-advisory, x_refsource_SUSE
	http://www.postgresql.org/docs/current/static/release-9-4-6.html	x_refsource_CONFIRM
	http://www.ubuntu.com/usn/USN-2894-1	vendor-advisory, x_refsource_UBUNTU
	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html	vendor-advisory, x_refsource_SUSE
	http://www.postgresql.org/docs/current/static/release-9-1-20.html	x_refsource_CONFIRM
	http://www.debian.org/security/2016/dsa-3476	vendor-advisory, x_refsource_DEBIAN
	http://www.debian.org/security/2016/dsa-3475	vendor-advisory, x_refsource_DEBIAN

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:30:03.996Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2016:0555",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.postgresql.org/docs/current/static/release-9-3-11.html"
          },
          {
            "name": "SUSE-SU-2016:0677",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html"
          },
          {
            "name": "SUSE-SU-2016:0539",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.postgresql.org/docs/current/static/release-9-2-15.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.postgresql.org/docs/current/static/release-9-5-1.html"
          },
          {
            "name": "GLSA-201701-33",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/201701-33"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.postgresql.org/about/news/1644/"
          },
          {
            "name": "1035005",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1035005"
          },
          {
            "name": "83184",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/83184"
          },
          {
            "name": "openSUSE-SU-2016:0578",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.postgresql.org/docs/current/static/release-9-4-6.html"
          },
          {
            "name": "USN-2894-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-2894-1"
          },
          {
            "name": "openSUSE-SU-2016:0531",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.postgresql.org/docs/current/static/release-9-1-20.html"
          },
          {
            "name": "DSA-3476",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3476"
          },
          {
            "name": "DSA-3475",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2016/dsa-3475"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2016-02-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-06-30T16:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "SUSE-SU-2016:0555",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.postgresql.org/docs/current/static/release-9-3-11.html"
        },
        {
          "name": "SUSE-SU-2016:0677",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html"
        },
        {
          "name": "SUSE-SU-2016:0539",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.postgresql.org/docs/current/static/release-9-2-15.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.postgresql.org/docs/current/static/release-9-5-1.html"
        },
        {
          "name": "GLSA-201701-33",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "https://security.gentoo.org/glsa/201701-33"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.postgresql.org/about/news/1644/"
        },
        {
          "name": "1035005",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1035005"
        },
        {
          "name": "83184",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/83184"
        },
        {
          "name": "openSUSE-SU-2016:0578",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.postgresql.org/docs/current/static/release-9-4-6.html"
        },
        {
          "name": "USN-2894-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-2894-1"
        },
        {
          "name": "openSUSE-SU-2016:0531",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.postgresql.org/docs/current/static/release-9-1-20.html"
        },
        {
          "name": "DSA-3476",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3476"
        },
        {
          "name": "DSA-3475",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2016/dsa-3475"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2016-0766",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2016:0555",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html"
            },
            {
              "name": "http://www.postgresql.org/docs/current/static/release-9-3-11.html",
              "refsource": "CONFIRM",
              "url": "http://www.postgresql.org/docs/current/static/release-9-3-11.html"
            },
            {
              "name": "SUSE-SU-2016:0677",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html"
            },
            {
              "name": "SUSE-SU-2016:0539",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html"
            },
            {
              "name": "http://www.postgresql.org/docs/current/static/release-9-2-15.html",
              "refsource": "CONFIRM",
              "url": "http://www.postgresql.org/docs/current/static/release-9-2-15.html"
            },
            {
              "name": "http://www.postgresql.org/docs/current/static/release-9-5-1.html",
              "refsource": "CONFIRM",
              "url": "http://www.postgresql.org/docs/current/static/release-9-5-1.html"
            },
            {
              "name": "GLSA-201701-33",
              "refsource": "GENTOO",
              "url": "https://security.gentoo.org/glsa/201701-33"
            },
            {
              "name": "http://www.postgresql.org/about/news/1644/",
              "refsource": "CONFIRM",
              "url": "http://www.postgresql.org/about/news/1644/"
            },
            {
              "name": "1035005",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1035005"
            },
            {
              "name": "83184",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/83184"
            },
            {
              "name": "openSUSE-SU-2016:0578",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html"
            },
            {
              "name": "http://www.postgresql.org/docs/current/static/release-9-4-6.html",
              "refsource": "CONFIRM",
              "url": "http://www.postgresql.org/docs/current/static/release-9-4-6.html"
            },
            {
              "name": "USN-2894-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-2894-1"
            },
            {
              "name": "openSUSE-SU-2016:0531",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html"
            },
            {
              "name": "http://www.postgresql.org/docs/current/static/release-9-1-20.html",
              "refsource": "CONFIRM",
              "url": "http://www.postgresql.org/docs/current/static/release-9-1-20.html"
            },
            {
              "name": "DSA-3476",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3476"
            },
            {
              "name": "DSA-3475",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2016/dsa-3475"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2016-0766",
    "datePublished": "2016-02-17T15:00:00",
    "dateReserved": "2015-12-16T00:00:00",
    "dateUpdated": "2024-08-05T22:30:03.996Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2016:0539-1

Vulnerability from csaf_suse

CVE-2016-0773 (GCVE-0-2016-0773)

Vulnerability from cvelistv5

CVE-2007-4772 (GCVE-0-2007-4772)

Vulnerability from cvelistv5

CVE-2016-0766 (GCVE-0-2016-0766)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature