CVE-2010-4015
PostgreSQL: Stack-based buffer overflow by processing certain tokens from SQL query string when intarray module enabled
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array module in PostgreSQL 9.0.x before 9.0.3, 8.4.x before 8.4.7, 8.3.x before 8.3.14, and 8.2.x before 8.2.20 allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via integers with a large number of digits to unspecified functions.
Desbordamiento de búfer en la función gettoken en contrib/intarray/_int_bool.c en el módulo de matriz intArray de PostgreSQL v9.0.x anterior a v9.0.3, v8.4.x anterior a v8.4.7, v8.3.x anterior a v8.3.14, y v8.2.x anterior a v8.2.20 permite a usuarios autenticados remotamente causar una denegación de servicio (caída) y posiblemente ejecucar código de su elección a través de enteros con un gran número de dígitos en funciones no especificadas
CVSS Scores
SSVC
- Decision:-
Timeline
- 2010-10-20 CVE Reserved
- 2011-02-02 CVE Published
- 2023-11-08 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-121: Stack-based Buffer Overflow
- CWE-189: Numeric Errors
CAPEC
References (31)
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.3 Search vendor "Postgresql" for product "Postgresql" and version "8.3" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.3.1 Search vendor "Postgresql" for product "Postgresql" and version "8.3.1" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.3.2 Search vendor "Postgresql" for product "Postgresql" and version "8.3.2" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.3.3 Search vendor "Postgresql" for product "Postgresql" and version "8.3.3" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.3.4 Search vendor "Postgresql" for product "Postgresql" and version "8.3.4" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.3.5 Search vendor "Postgresql" for product "Postgresql" and version "8.3.5" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.3.6 Search vendor "Postgresql" for product "Postgresql" and version "8.3.6" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.3.7 Search vendor "Postgresql" for product "Postgresql" and version "8.3.7" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.3.8 Search vendor "Postgresql" for product "Postgresql" and version "8.3.8" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.3.9 Search vendor "Postgresql" for product "Postgresql" and version "8.3.9" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.3.10 Search vendor "Postgresql" for product "Postgresql" and version "8.3.10" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.3.11 Search vendor "Postgresql" for product "Postgresql" and version "8.3.11" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.3.12 Search vendor "Postgresql" for product "Postgresql" and version "8.3.12" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.3.13 Search vendor "Postgresql" for product "Postgresql" and version "8.3.13" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.0 Search vendor "Postgresql" for product "Postgresql" and version "9.0" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.0.1 Search vendor "Postgresql" for product "Postgresql" and version "9.0.1" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 9.0.2 Search vendor "Postgresql" for product "Postgresql" and version "9.0.2" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.4 Search vendor "Postgresql" for product "Postgresql" and version "8.4" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.4.1 Search vendor "Postgresql" for product "Postgresql" and version "8.4.1" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.4.2 Search vendor "Postgresql" for product "Postgresql" and version "8.4.2" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.4.3 Search vendor "Postgresql" for product "Postgresql" and version "8.4.3" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.4.4 Search vendor "Postgresql" for product "Postgresql" and version "8.4.4" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.4.5 Search vendor "Postgresql" for product "Postgresql" and version "8.4.5" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.4.6 Search vendor "Postgresql" for product "Postgresql" and version "8.4.6" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2 Search vendor "Postgresql" for product "Postgresql" and version "8.2" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.1 Search vendor "Postgresql" for product "Postgresql" and version "8.2.1" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.2 Search vendor "Postgresql" for product "Postgresql" and version "8.2.2" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.3 Search vendor "Postgresql" for product "Postgresql" and version "8.2.3" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.4 Search vendor "Postgresql" for product "Postgresql" and version "8.2.4" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.5 Search vendor "Postgresql" for product "Postgresql" and version "8.2.5" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.6 Search vendor "Postgresql" for product "Postgresql" and version "8.2.6" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.7 Search vendor "Postgresql" for product "Postgresql" and version "8.2.7" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.8 Search vendor "Postgresql" for product "Postgresql" and version "8.2.8" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.9 Search vendor "Postgresql" for product "Postgresql" and version "8.2.9" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.10 Search vendor "Postgresql" for product "Postgresql" and version "8.2.10" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.11 Search vendor "Postgresql" for product "Postgresql" and version "8.2.11" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.12 Search vendor "Postgresql" for product "Postgresql" and version "8.2.12" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.13 Search vendor "Postgresql" for product "Postgresql" and version "8.2.13" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.14 Search vendor "Postgresql" for product "Postgresql" and version "8.2.14" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.15 Search vendor "Postgresql" for product "Postgresql" and version "8.2.15" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.16 Search vendor "Postgresql" for product "Postgresql" and version "8.2.16" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.17 Search vendor "Postgresql" for product "Postgresql" and version "8.2.17" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.18 Search vendor "Postgresql" for product "Postgresql" and version "8.2.18" | - |
Affected
| ||||||
Postgresql Search vendor "Postgresql" | Postgresql Search vendor "Postgresql" for product "Postgresql" | 8.2.19 Search vendor "Postgresql" for product "Postgresql" and version "8.2.19" | - |
Affected
|