CVE-2007-4769 Information
Description
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.
Reference
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
http://secunia.com/advisories/28359
http://secunia.com/advisories/28376
http://secunia.com/advisories/28437
http://secunia.com/advisories/28438
http://secunia.com/advisories/28454
http://secunia.com/advisories/28455
http://secunia.com/advisories/28464
http://secunia.com/advisories/28477
http://secunia.com/advisories/28479
http://secunia.com/advisories/28679
http://secunia.com/advisories/28698
http://secunia.com/advisories/29638
http://security.gentoo.org/glsa/glsa-200801-15.xml
http://securitytracker.com/id?1019157
http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894
http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1
http://www.debian.org/security/2008/dsa-1460
http://www.debian.org/security/2008/dsa-1463
http://www.mandriva.com/security/advisories?name=MDVSA-2008:004
http://www.postgresql.org/about/news.905
http://www.redhat.com/support/errata/RHSA-2008-0038.html
http://www.redhat.com/support/errata/RHSA-2008-0040.html
http://www.securityfocus.com/archive/1/485864/100/0/threaded
http://www.securityfocus.com/archive/1/486407/100/0/threaded
http://www.securityfocus.com/bid/27163
http://www.vupen.com/english/advisories/2008/0061
http://www.vupen.com/english/advisories/2008/0109
http://www.vupen.com/english/advisories/2008/1071/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/39499
https://issues.rpath.com/browse/RPL-1768
https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A9804
https://usn.ubuntu.com/568-1/
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html