
CVE-2007-0555

 

Severity Score

8.5
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 allows attackers to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a denial of service (server crash) and possibly access database content.

*Credits: N/A
CVSS Scores
Attack Vector: Network
Attack Complexity: Low
Authentication: Single
Confidentiality: Complete
Integrity: None
Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2007-01-29 CVE Reserved
  • 2007-02-06 CVE Published
  • 2024-07-01 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (42)
URL Tag Source
http://lists.rpath.com/pipermail/security-announce/2007-February/000141.html Broken Link
http://osvdb.org/33087 Broken Link
http://secunia.com/advisories/24028 Broken Link
http://secunia.com/advisories/24033 Broken Link
http://secunia.com/advisories/24042 Broken Link
http://secunia.com/advisories/24050 Broken Link
http://secunia.com/advisories/24057 Broken Link
http://secunia.com/advisories/24094 Broken Link
http://secunia.com/advisories/24151 Broken Link
http://secunia.com/advisories/24158 Broken Link
http://secunia.com/advisories/24284 Broken Link
http://secunia.com/advisories/24315 Broken Link
http://secunia.com/advisories/24513 Broken Link
http://secunia.com/advisories/24577 Broken Link
http://secunia.com/advisories/25220 Broken Link
http://securitytracker.com/id?1017597 Third Party Advisory
http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm Third Party Advisory
http://www.securityfocus.com/archive/1/459280/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/459448/100/0/threaded Mailing List
http://www.securityfocus.com/bid/22387 Third Party Advisory
http://www.vupen.com/english/advisories/2007/0478 Third Party Advisory
http://www.vupen.com/english/advisories/2007/0774 Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/32195 Third Party Advisory
https://issues.rpath.com/browse/RPL-1025 Broken Link
https://issues.rpath.com/browse/RPL-830 Broken Link
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9739 Signature
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Postgresql Postgresql >= 7.3 < 7.3.18 - Affected
Postgresql Postgresql >= 7.4 < 7.4.16 - Affected
Postgresql Postgresql >= 8.0 < 8.0.11 - Affected
Postgresql Postgresql >= 8.1 < 8.1.7 - Affected
Postgresql Postgresql >= 8.2 < 8.2.2 - Affected