CVSS: 6.8EPSS: 1%CPEs: 62EXPL: 0CVE-2013-0255 – postgresql: array indexing error in enum_recv()
https://notcve.org/view.php?id=CVE-2013-0255
PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with incorrect arguments and allows remote authenticated users to cause a denial of service (server crash) or read sensitive process memory via a crafted SQL command, which triggers an array index error and an out-of-bounds read. PostgreSQL v9.2.x anteriores a v9.2.3, v9.1.x anteriores a v9.1.8, v9.0.x anteriores a v9.0.12, v8.4.x anteriores a v8.4.16, y v8.3.x anteriores a v8.3.23 no declaran correctamente la función enum_recv en backend/utils/adt/enum.c, lo cual provoca que se invoque con argumentos incorrectos y permitiendo que usuarios remotos autenticados causen una denegación de servicio (caída del servidor)o la lectura de procesos de memoria a través de un comando SQL manipulado que provoca un error de indexación del array y lectura fuera de rango. • http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098586.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00059.html http://lists.opensuse.org/opensuse-updates/2013-02/msg00060.html http://osvdb.org/89935 http://rhn.redhat.com/errata/RHSA-2013-1475.html http://secunia.com/advisories/51923 http://secunia.com/advisories/52819 http://securitytracker.com/id?1028092 http://www.debian.org/security/2013/dsa-2630 http://www.mandriva.com/security/advisories? • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2012-1618
https://notcve.org/view.php?id=CVE-2012-1618
Interaction error in the PostgreSQL JDBC driver before 8.2, when used with a PostgreSQL server with the "standard_conforming_strings" option enabled, such as the default configuration of PostgreSQL 9.1, does not properly escape unspecified JDBC statement parameters, which allows remote attackers to perform SQL injection attacks. NOTE: as of 20120330, it was claimed that the upstream developer planned to dispute this issue, but an official dispute has not been posted as of 20121005. Error de interacción en el controlador PostgreSQL JDBC anteriores a v8.2, cuando se usa con el servidor PostgreSQL con la opción "standard_conforming_strings" activa, como la configuración por defecto de PostgreSQL v9.1, no "escapa" de forma adecuada parámetros JDBC de declaración, lo que permite a atacantes remotos a efectuar ataques de inyección SQL. NOTA: se afirmó que el desarrollador original planeaba discutir ese punto, pero una disputa oficial no ha sido publicada a partir de 20121005. • http://archives.neohapsis.com/archives/bugtraq/2012-03/0126.html http://lists.opensuse.org/opensuse-security/2012-03/msg00024.html http://www.openwall.com/lists/oss-security/2012/03/30/8 http://www.openwall.com/lists/oss-security/2012/03/30/9 http://www.openwall.com/lists/oss-security/2012/03/31/1 http://www.openwall.com/lists/oss-security/2012/04/02/4 http://www.openwall.com/lists/oss-security/2012/04/04/11 http://www.openwall.com/lists/oss-security&#x •
CVSS: 4.9EPSS: 0%CPEs: 47EXPL: 0CVE-2012-3488 – module): XXE by applying XSL stylesheet to the document
https://notcve.org/view.php?id=CVE-2012-3488
The libxslt support in contrib/xml2 in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 does not properly restrict access to files and URLs, which allows remote authenticated users to modify data, obtain sensitive information, or trigger outbound traffic to arbitrary external hosts by leveraging (1) stylesheet commands that are permitted by the libxslt security options or (2) an xslt_process feature, related to an XML External Entity (aka XXE) issue. El soporte libxslt en contrib/xml2 en PostgreSQL v8.3 anteriores a v8.3.20, v8.4 anteriores a v8.4.13, v9.0 anteriores a v9.0.9, y v9.1 anteriores a v9.1.5 no restringe el acceso de forma adecuada a ficheros y URLs, lo que permite a atacantes remotos modificar datos y obtener información sensible, o provocar tráfico fuera de los límites a host externos mediante el aprovechamiento de (1)comandos de hoja de estilo que son permitirás por la opción de seguridad de libxslt o (2) la funcionalidad xslt_process, relacionada con la funcionalidad XML External Entity (también conocida como XXE). • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html http://lists.opensuse.org/opensuse-updates/2012-09/msg00102.html http://lists.opensuse.org/opensuse-updates/2012-10/msg00013.html http://lists.opensuse.org/opensuse-updates/2012-10/msg00024.html http://rhn.redhat.com/errata/RHSA-2012-1263.html http://rhn.redhat.com/errata/RHSA-2012-1264.html http://secunia.com/advisories/50635 http://secunia.com • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 6.5EPSS: 0%CPEs: 22EXPL: 0CVE-2012-3489 – postgresql: File disclosure through XXE in xmlparse by DTD validation
https://notcve.org/view.php?id=CVE-2012-3489
The xml_parse function in the libxml2 support in the core server component in PostgreSQL 8.3 before 8.3.20, 8.4 before 8.4.13, 9.0 before 9.0.9, and 9.1 before 9.1.5 allows remote authenticated users to determine the existence of arbitrary files or URLs, and possibly obtain file or URL content that triggers a parsing error, via an XML value that refers to (1) a DTD or (2) an entity, related to an XML External Entity (aka XXE) issue. La función xml_parse en el soporte libxml2 en el componente de servidor central en PostgreSQL v8.3 antes de v8.3.20, v8.4 antes de v8.4.13, v9.0 antes de v9.0.9, y v9.1 antes de v9.1.5, permite a atacantes remotos determinar la existencia de archivos o URLs arbitrarias y, posiblemente, obtener el archivo o el contenido de URL que desencadena un error de validación, a través de un valor XML que se refiere a (1) una DTD o (2) una entidad, relacionada con una cuestión XML External Entity (también conocido como XXE). • http://lists.apple.com/archives/security-announce/2013/Mar/msg00002.html http://lists.opensuse.org/opensuse-updates/2012-09/msg00102.html http://lists.opensuse.org/opensuse-updates/2012-10/msg00013.html http://lists.opensuse.org/opensuse-updates/2012-10/msg00024.html http://rhn.redhat.com/errata/RHSA-2012-1263.html http://secunia.com/advisories/50635 http://secunia.com/advisories/50718 http://secunia.com/advisories/50859 http://secunia.com/advisories/50946 http://www.debian.org&# • CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 4.0EPSS: 1%CPEs: 43EXPL: 0CVE-2012-2655 – postgresql: Ability of database owners to install procedural languages via CREATE LANGUAGE found unsafe (DoS)
https://notcve.org/view.php?id=CVE-2012-2655
PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural language's call handler. PostgreSQL v8.3.x antes de v8.3.19, v8.4.x antes de v8.4.12, v9.0.x antes de v9.0.8 y v9.1.x antes de v9.1.4 permite a usuarios autenticados remotamente provocar una denegación de servicio (caída del servidor), añadiendo los atributos (1) SECURITY DEFINER o (2)SET al controlador de llamada de un lenguaje de procedimientos. • http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082258.html http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082292.html http://lists.fedoraproject.org/pipermail/package-announce/2012-June/082294.html http://lists.opensuse.org/opensuse-updates/2012-09/msg00102.html http://lists.opensuse.org/opensuse-updates/2012-10/msg00013.html http://lists.opensuse.org/opensuse-updates/2012-10/msg00024.html http://rhn.redhat.com/errata/RHSA-2012-1037.html http://secunia.co • CWE-399: Resource Management Errors •