CVE-2007-4769
postgresql integer overflow in regex code
Severity Score
6.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.
El analizador de expresiones regulares en TCL versiones anteriores a 8.4.17, como es usado en PostgreSQL versiones 8.2 anteriores a 8.2.6,versiones 8.1 anteriores a 8.1.11, versiones 8.0 anteriores a 8.0.15 y versiones 7.4 anteriores a 7.4.19, permite a usuarios autenticados remotos causar una denegación de servicio (bloqueo del backend) por medio de un número backref fuera de límites.
Index Functions Privilege Escalation: as a unique feature, PostgreSQL allows users to create indexes on the results of user-defined functions, known as expression indexes. This provided two vulnerabilities to privilege escalation: (1) index functions were executed as the superuser and not the table owner during VACUUM and ANALYZE, and (2) that SET ROLE and SET SESSION AUTHORIZATION were permitted within index functions. Regular Expression Denial-of-Service: three separate issues in the regular expression libraries used by PostgreSQL allowed malicious users to initiate a denial-of-service by passing certain regular expressions in SQL queries. First, users could create infinite loops using some specific regular expressions. Second, certain complex regular expressions could consume excessive amounts of memory. Third, out-of-range backref numbers could be used to crash the backend. DBLink Privilege Escalation: DBLink functions combined with local trust or ident authentication could be used by a malicious user to gain superuser privileges. This issue has been fixed, and does not affect users who have not installed DBLink (an optional module), or who are using password authentication for local access. This same problem was addressed in the previous release cycle , but that patch failed to close all forms of the loophole.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2007-09-10 CVE Reserved
- 2008-01-09 CVE Published
- 2024-08-07 CVE Updated
- 2025-05-22 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-189: Numeric Errors
- CWE-190: Integer Overflow or Wraparound
CAPEC
References (40)
| URL | Tag | Source |
|---|---|---|
| http://secunia.com/advisories/28477 | Third Party Advisory | |
| http://securitytracker.com/id?1019157 | Vdb Entry | |
| http://sourceforge.net/project/shownotes.php?release_id=565440&group_id=10894 | X_refsource_confirm | |
| http://sourceforge.net/tracker/index.php?func=detail&aid=1810264&group_id=10894&atid=110894 | X_refsource_confirm | |
| http://www.postgresql.org/about/news.905 | X_refsource_confirm | |
| http://www.securityfocus.com/archive/1/485864/100/0/threaded | Mailing List | |
| http://www.securityfocus.com/archive/1/486407/100/0/threaded | Mailing List | |
| http://www.vupen.com/english/advisories/2008/1071/references | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/39499 | Vdb Entry | |
| https://issues.rpath.com/browse/RPL-1768 | X_refsource_confirm | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9804 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://www.securityfocus.com/bid/27163 | 2018-10-15 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3 Search vendor "Postgresql" for product "Postgresql" and version "7.3" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.1 Search vendor "Postgresql" for product "Postgresql" and version "7.3.1" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.2 Search vendor "Postgresql" for product "Postgresql" and version "7.3.2" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.3 Search vendor "Postgresql" for product "Postgresql" and version "7.3.3" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.4 Search vendor "Postgresql" for product "Postgresql" and version "7.3.4" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.6 Search vendor "Postgresql" for product "Postgresql" and version "7.3.6" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.8 Search vendor "Postgresql" for product "Postgresql" and version "7.3.8" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.9 Search vendor "Postgresql" for product "Postgresql" and version "7.3.9" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.10 Search vendor "Postgresql" for product "Postgresql" and version "7.3.10" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.11 Search vendor "Postgresql" for product "Postgresql" and version "7.3.11" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.12 Search vendor "Postgresql" for product "Postgresql" and version "7.3.12" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.13 Search vendor "Postgresql" for product "Postgresql" and version "7.3.13" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.14 Search vendor "Postgresql" for product "Postgresql" and version "7.3.14" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.15 Search vendor "Postgresql" for product "Postgresql" and version "7.3.15" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.16 Search vendor "Postgresql" for product "Postgresql" and version "7.3.16" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.3.19 Search vendor "Postgresql" for product "Postgresql" and version "7.3.19" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4 Search vendor "Postgresql" for product "Postgresql" and version "7.4" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.1 Search vendor "Postgresql" for product "Postgresql" and version "7.4.1" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.2 Search vendor "Postgresql" for product "Postgresql" and version "7.4.2" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.3 Search vendor "Postgresql" for product "Postgresql" and version "7.4.3" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.4 Search vendor "Postgresql" for product "Postgresql" and version "7.4.4" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.5 Search vendor "Postgresql" for product "Postgresql" and version "7.4.5" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.6 Search vendor "Postgresql" for product "Postgresql" and version "7.4.6" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.7 Search vendor "Postgresql" for product "Postgresql" and version "7.4.7" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.8 Search vendor "Postgresql" for product "Postgresql" and version "7.4.8" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.9 Search vendor "Postgresql" for product "Postgresql" and version "7.4.9" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.10 Search vendor "Postgresql" for product "Postgresql" and version "7.4.10" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.11 Search vendor "Postgresql" for product "Postgresql" and version "7.4.11" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.12 Search vendor "Postgresql" for product "Postgresql" and version "7.4.12" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.13 Search vendor "Postgresql" for product "Postgresql" and version "7.4.13" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.14 Search vendor "Postgresql" for product "Postgresql" and version "7.4.14" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.16 Search vendor "Postgresql" for product "Postgresql" and version "7.4.16" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 7.4.17 Search vendor "Postgresql" for product "Postgresql" and version "7.4.17" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0 Search vendor "Postgresql" for product "Postgresql" and version "8.0" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.1 Search vendor "Postgresql" for product "Postgresql" and version "8.0.1" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.2 Search vendor "Postgresql" for product "Postgresql" and version "8.0.2" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.3 Search vendor "Postgresql" for product "Postgresql" and version "8.0.3" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.4 Search vendor "Postgresql" for product "Postgresql" and version "8.0.4" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.5 Search vendor "Postgresql" for product "Postgresql" and version "8.0.5" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.7 Search vendor "Postgresql" for product "Postgresql" and version "8.0.7" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.8 Search vendor "Postgresql" for product "Postgresql" and version "8.0.8" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.9 Search vendor "Postgresql" for product "Postgresql" and version "8.0.9" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.11 Search vendor "Postgresql" for product "Postgresql" and version "8.0.11" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.13 Search vendor "Postgresql" for product "Postgresql" and version "8.0.13" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.0.317 Search vendor "Postgresql" for product "Postgresql" and version "8.0.317" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.1.1 Search vendor "Postgresql" for product "Postgresql" and version "8.1.1" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.1.3 Search vendor "Postgresql" for product "Postgresql" and version "8.1.3" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.1.4 Search vendor "Postgresql" for product "Postgresql" and version "8.1.4" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.1.5 Search vendor "Postgresql" for product "Postgresql" and version "8.1.5" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.1.7 Search vendor "Postgresql" for product "Postgresql" and version "8.1.7" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.1.8 Search vendor "Postgresql" for product "Postgresql" and version "8.1.8" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.1.9 Search vendor "Postgresql" for product "Postgresql" and version "8.1.9" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2 Search vendor "Postgresql" for product "Postgresql" and version "8.2" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.2 Search vendor "Postgresql" for product "Postgresql" and version "8.2.2" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.3 Search vendor "Postgresql" for product "Postgresql" and version "8.2.3" | - |
Affected
| ||||||
| Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.4 Search vendor "Postgresql" for product "Postgresql" and version "8.2.4" | - |
Affected
| ||||||
| Tcl Tk Search vendor "Tcl Tk" | Tcl Tk Search vendor "Tcl Tk" for product "Tcl Tk" | <= 8.4.16 Search vendor "Tcl Tk" for product "Tcl Tk" and version " <= 8.4.16" | - |
Affected
| ||||||