CVE-2007-0555 - Vulnerability Details

PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 allows attackers to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a denial of service (server crash) and possibly access database content.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:S/C:C/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Postgresql	Postgresql
Redhat	Enterprise Linux Rhel Application Stack

Configuration 1 [-]

OR	cpe:2.3:a:postgresql:postgresql::::::::
	cpe:2.3:a:postgresql:postgresql::::::::
	cpe:2.3:a:postgresql:postgresql::::::::
	cpe:2.3:a:postgresql:postgresql::::::::
	cpe:2.3:a:postgresql:postgresql::::::::

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 3
rh-postgresql-0:7.3.18-1	cpe:/o:redhat:enterprise_linux:3	RHSA-2007:0064	2007-02-07T00:00:00Z
Red Hat Enterprise Linux 4
postgresql-0:7.4.16-1.RHEL4.1	cpe:/o:redhat:enterprise_linux:4	RHSA-2007:0064	2007-02-07T00:00:00Z
Red Hat Enterprise Linux 5
postgresql-0:8.1.8-1.el5	cpe:/o:redhat:enterprise_linux:5	RHSA-2007:0068	2007-03-14T00:00:00Z
Red Hat Web Application Stack for RHEL 4
postgresql-0:8.1.7-3.el4s1.1	cpe:/a:redhat:rhel_application_stack:1	RHSA-2007:0067	2007-02-07T00:00:00Z

References

Link	Providers
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
http://fedoranews.org/cms/node/2554
http://lists.rpath.com/pipermail/security-announce/2007-February/000141.html
http://osvdb.org/33087
http://secunia.com/advisories/24028
http://secunia.com/advisories/24033
http://secunia.com/advisories/24042
http://secunia.com/advisories/24050
http://secunia.com/advisories/24057
http://secunia.com/advisories/24094
http://secunia.com/advisories/24151
http://secunia.com/advisories/24158
http://secunia.com/advisories/24284
http://secunia.com/advisories/24315
http://secunia.com/advisories/24513
http://secunia.com/advisories/24577
http://secunia.com/advisories/25220
http://security.gentoo.org/glsa/glsa-200703-15.xml
http://securitytracker.com/id?1017597
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102825-1
http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm
http://www.debian.org/security/2007/dsa-1261
http://www.mandriva.com/security/advisories?name=MDKSA-2007:037
http://www.novell.com/linux/security/advisories/2007_10_sr.html
http://www.postgresql.org/support/security
http://www.redhat.com/support/errata/RHSA-2007-0064.html
http://www.redhat.com/support/errata/RHSA-2007-0067.html
http://www.redhat.com/support/errata/RHSA-2007-0068.html
http://www.securityfocus.com/archive/1/459280/100/0/threaded
http://www.securityfocus.com/archive/1/459448/100/0/threaded
http://www.securityfocus.com/bid/22387
http://www.trustix.org/errata/2007/0007
http://www.ubuntu.com/usn/usn-417-2
http://www.vupen.com/english/advisories/2007/0478
http://www.vupen.com/english/advisories/2007/0774
https://exchange.xforce.ibmcloud.com/vulnerabilities/32195
https://issues.rpath.com/browse/RPL-1025
https://issues.rpath.com/browse/RPL-830
https://nvd.nist.gov/vuln/detail/CVE-2007-0555
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9739
https://usn.ubuntu.com/417-1/
https://www.cve.org/CVERecord?id=CVE-2007-0555

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2007-02-06T01:00:00

Updated: 2024-08-07T12:19:30.561Z

Reserved: 2007-01-29T00:00:00

Link: CVE-2007-0555

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2007-02-06T01:28:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2007-0555

Redhat

Severity : Moderate

Publid Date: 2007-02-05T00:00:00Z

Links: CVE-2007-0555 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2007-02-05T00:00:00", "descriptions": [{"lang": "en", "value": "PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 allows attackers to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a denial of service (server crash) and possibly access database content."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-16T14:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-1025"}, {"name": "24050", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24050"}, {"name": "22387", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/22387"}, {"name": "24513", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24513"}, {"name": "DSA-1261", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2007/dsa-1261"}, {"name": "24315", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24315"}, {"name": "RHSA-2007:0068", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0068.html"}, {"name": "oval:org.mitre.oval:def:9739", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9739"}, {"name": "24158", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24158"}, {"name": "20070208 rPSA-2007-0025-2 postgresql postgresql-server", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/459448/100/0/threaded"}, {"name": "ADV-2007-0774", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0774"}, {"name": "20070206 rPSA-2007-0025-1 postgresql postgresql-server", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/459280/100/0/threaded"}, {"name": "ADV-2007-0478", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2007/0478"}, {"name": "33087", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/33087"}, {"name": "24151", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24151"}, {"name": "USN-417-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/usn-417-2"}, {"name": "24284", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24284"}, {"name": "postgresql-sqlfunctions-info-disclosure(32195)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32195"}, {"name": "24577", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24577"}, {"name": "24033", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24033"}, {"name": "1017597", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017597"}, {"name": "USN-417-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/417-1/"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-830"}, {"name": "SUSE-SR:2007:010", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.postgresql.org/support/security"}, {"name": "FEDORA-2007-198", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://fedoranews.org/cms/node/2554"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm"}, {"name": "2007-0007", "tags": ["vendor-advisory", "x_refsource_TRUSTIX"], "url": "http://www.trustix.org/errata/2007/0007"}, {"name": "MDKSA-2007:037", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:037"}, {"name": "RHSA-2007:0064", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0064.html"}, {"name": "RHSA-2007:0067", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0067.html"}, {"name": "20070201-01-P", "tags": ["vendor-advisory", "x_refsource_SGI"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"}, {"name": "24057", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24057"}, {"name": "25220", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/25220"}, {"name": "24042", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24042"}, {"name": "24028", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24028"}, {"name": "[security-announce] 20070206 rPSA-2007-0025-1 postgresql postgresql-server", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.rpath.com/pipermail/security-announce/2007-February/000141.html"}, {"name": "24094", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/24094"}, {"name": "102825", "tags": ["vendor-advisory", "x_refsource_SUNALERT"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102825-1"}, {"name": "GLSA-200703-15", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-200703-15.xml"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-0555", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 allows attackers to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a denial of service (server crash) and possibly access database content."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://issues.rpath.com/browse/RPL-1025", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-1025"}, {"name": "24050", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24050"}, {"name": "22387", "refsource": "BID", "url": "http://www.securityfocus.com/bid/22387"}, {"name": "24513", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24513"}, {"name": "DSA-1261", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2007/dsa-1261"}, {"name": "24315", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24315"}, {"name": "RHSA-2007:0068", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-0068.html"}, {"name": "oval:org.mitre.oval:def:9739", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9739"}, {"name": "24158", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24158"}, {"name": "20070208 rPSA-2007-0025-2 postgresql postgresql-server", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/459448/100/0/threaded"}, {"name": "ADV-2007-0774", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0774"}, {"name": "20070206 rPSA-2007-0025-1 postgresql postgresql-server", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/459280/100/0/threaded"}, {"name": "ADV-2007-0478", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2007/0478"}, {"name": "33087", "refsource": "OSVDB", "url": "http://osvdb.org/33087"}, {"name": "24151", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24151"}, {"name": "USN-417-2", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-417-2"}, {"name": "24284", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24284"}, {"name": "postgresql-sqlfunctions-info-disclosure(32195)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32195"}, {"name": "24577", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24577"}, {"name": "24033", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24033"}, {"name": "1017597", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017597"}, {"name": "USN-417-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/417-1/"}, {"name": "https://issues.rpath.com/browse/RPL-830", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-830"}, {"name": "SUSE-SR:2007:010", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html"}, {"name": "http://www.postgresql.org/support/security", "refsource": "CONFIRM", "url": "http://www.postgresql.org/support/security"}, {"name": "FEDORA-2007-198", "refsource": "FEDORA", "url": "http://fedoranews.org/cms/node/2554"}, {"name": "http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm", "refsource": "CONFIRM", "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm"}, {"name": "2007-0007", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2007/0007"}, {"name": "MDKSA-2007:037", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:037"}, {"name": "RHSA-2007:0064", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-0064.html"}, {"name": "RHSA-2007:0067", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2007-0067.html"}, {"name": "20070201-01-P", "refsource": "SGI", "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"}, {"name": "24057", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24057"}, {"name": "25220", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25220"}, {"name": "24042", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24042"}, {"name": "24028", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24028"}, {"name": "[security-announce] 20070206 rPSA-2007-0025-1 postgresql postgresql-server", "refsource": "MLIST", "url": "http://lists.rpath.com/pipermail/security-announce/2007-February/000141.html"}, {"name": "24094", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/24094"}, {"name": "102825", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102825-1"}, {"name": "GLSA-200703-15", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200703-15.xml"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T12:19:30.561Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-1025"}, {"name": "24050", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24050"}, {"name": "22387", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/22387"}, {"name": "24513", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24513"}, {"name": "DSA-1261", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2007/dsa-1261"}, {"name": "24315", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24315"}, {"name": "RHSA-2007:0068", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0068.html"}, {"name": "oval:org.mitre.oval:def:9739", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9739"}, {"name": "24158", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24158"}, {"name": "20070208 rPSA-2007-0025-2 postgresql postgresql-server", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/459448/100/0/threaded"}, {"name": "ADV-2007-0774", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0774"}, {"name": "20070206 rPSA-2007-0025-1 postgresql postgresql-server", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/459280/100/0/threaded"}, {"name": "ADV-2007-0478", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2007/0478"}, {"name": "33087", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/33087"}, {"name": "24151", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24151"}, {"name": "USN-417-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/usn-417-2"}, {"name": "24284", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24284"}, {"name": "postgresql-sqlfunctions-info-disclosure(32195)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32195"}, {"name": "24577", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24577"}, {"name": "24033", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24033"}, {"name": "1017597", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017597"}, {"name": "USN-417-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/417-1/"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-830"}, {"name": "SUSE-SR:2007:010", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.postgresql.org/support/security"}, {"name": "FEDORA-2007-198", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://fedoranews.org/cms/node/2554"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm"}, {"name": "2007-0007", "tags": ["vendor-advisory", "x_refsource_TRUSTIX", "x_transferred"], "url": "http://www.trustix.org/errata/2007/0007"}, {"name": "MDKSA-2007:037", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:037"}, {"name": "RHSA-2007:0064", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0064.html"}, {"name": "RHSA-2007:0067", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0067.html"}, {"name": "20070201-01-P", "tags": ["vendor-advisory", "x_refsource_SGI", "x_transferred"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"}, {"name": "24057", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24057"}, {"name": "25220", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/25220"}, {"name": "24042", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24042"}, {"name": "24028", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24028"}, {"name": "[security-announce] 20070206 rPSA-2007-0025-1 postgresql postgresql-server", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.rpath.com/pipermail/security-announce/2007-February/000141.html"}, {"name": "24094", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/24094"}, {"name": "102825", "tags": ["vendor-advisory", "x_refsource_SUNALERT", "x_transferred"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102825-1"}, {"name": "GLSA-200703-15", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-200703-15.xml"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-0555", "datePublished": "2007-02-06T01:00:00", "dateReserved": "2007-01-29T00:00:00", "dateUpdated": "2024-08-07T12:19:30.561Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "matchCriteriaId": "74C80C9C-E694-411A-8FFA-37086DA93E98", "versionEndExcluding": "7.3.18", "versionStartIncluding": "7.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "matchCriteriaId": "4222C601-5A7B-4271-BB7E-60C6AB0A44F0", "versionEndExcluding": "7.4.16", "versionStartIncluding": "7.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "matchCriteriaId": "3126BF80-DE85-4528-929B-BF5AE975D34F", "versionEndExcluding": "8.0.11", "versionStartIncluding": "8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "matchCriteriaId": "6245E857-5D6D-48BC-ACD0-F9E7640DDBE8", "versionEndExcluding": "8.1.7", "versionStartIncluding": "8.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*", "matchCriteriaId": "4291E43E-C563-4994-A769-A7D94F4186CC", "versionEndExcluding": "8.2.2", "versionStartIncluding": "8.2", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 allows attackers to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a denial of service (server crash) and possibly access database content."}, {"lang": "es", "value": "PostgreSQL 7.3 anterior a 7.3.13, 7.4 anterior a 7.4.16, 8.0 anterior a 8.0.11, 8.1 anterior a 8.1.7, y 8.2 anterior a 8.2.2 permite a los atacantes desactivar determinadas comprobaciones de los tipos de datos de los argumentos de funciones SQL, lo cual permite a usuarios autenticados remotamente provocar una denegaci\u00f3n de servicio (ca\u00edda del servidor) y posiblemente acceder a contenido de la base de datos."}], "id": "CVE-2007-0555", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "COMPLETE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:C/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 9.2, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2007-02-06T01:28:00.000", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://fedoranews.org/cms/node/2554"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://lists.rpath.com/pipermail/security-announce/2007-February/000141.html"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://osvdb.org/33087"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24028"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24033"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24042"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24050"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24057"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24094"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24151"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24158"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24284"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24315"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24513"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24577"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/25220"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-200703-15.xml"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://securitytracker.com/id?1017597"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102825-1"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2007/dsa-1261"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:037"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "http://www.postgresql.org/support/security"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0064.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0067.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0068.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/459280/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/459448/100/0/threaded"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/22387"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "http://www.trustix.org/errata/2007/0007"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/usn-417-2"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/0478"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/0774"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32195"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://issues.rpath.com/browse/RPL-1025"}, {"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://issues.rpath.com/browse/RPL-830"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9739"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/417-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://fedoranews.org/cms/node/2554"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://lists.rpath.com/pipermail/security-announce/2007-February/000141.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://osvdb.org/33087"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24028"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24033"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24042"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24050"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24057"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24094"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24151"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24158"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24284"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24315"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24513"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/24577"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://secunia.com/advisories/25220"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-200703-15.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://securitytracker.com/id?1017597"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-102825-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2007/dsa-1261"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:037"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.novell.com/linux/security/advisories/2007_10_sr.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.postgresql.org/support/security"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0064.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0067.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.redhat.com/support/errata/RHSA-2007-0068.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/459280/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/459448/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/22387"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "http://www.trustix.org/errata/2007/0007"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.ubuntu.com/usn/usn-417-2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/0478"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.vupen.com/english/advisories/2007/0774"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32195"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://issues.rpath.com/browse/RPL-1025"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link"], "url": "https://issues.rpath.com/browse/RPL-830"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9739"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/417-1/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2007:0064", "cpe": "cpe:/o:redhat:enterprise_linux:3", "package": "rh-postgresql-0:7.3.18-1", "product_name": "Red Hat Enterprise Linux 3", "release_date": "2007-02-07T00:00:00Z"}, {"advisory": "RHSA-2007:0064", "cpe": "cpe:/o:redhat:enterprise_linux:4", "package": "postgresql-0:7.4.16-1.RHEL4.1", "product_name": "Red Hat Enterprise Linux 4", "release_date": "2007-02-07T00:00:00Z"}, {"advisory": "RHSA-2007:0068", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "postgresql-0:8.1.8-1.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2007-03-14T00:00:00Z"}, {"advisory": "RHSA-2007:0067", "cpe": "cpe:/a:redhat:rhel_application_stack:1", "package": "postgresql-0:8.1.7-3.el4s1.1", "product_name": "Red Hat Web Application Stack for RHEL 4", "release_date": "2007-02-07T00:00:00Z"}], "bugzilla": {"description": "security flaw", "id": "1618367", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1618367"}, "csaw": false, "details": ["PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 allows attackers to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a denial of service (server crash) and possibly access database content."], "name": "CVE-2007-0555", "public_date": "2007-02-05T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2007-0555\nhttps://nvd.nist.gov/vuln/detail/CVE-2007-0555"], "threat_severity": "Moderate"}

Metrics

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

Metrics

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Complete

Integrity Impact None

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object