CVE-2007-4769
Description
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.
Risk Information
Base Score
6.5
MODERATE
Vector
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
1.194
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2007-4769, CVE-2007-6067, CVE-2007-6601 affect PostgreSQL 8.2.4 | Windows |
| Vulnerabilities CVE-2007-6601, CVE-2007-6600, CVE-2007-4769 are fixed in PostgreSQL 8.2.6 | Windows |
| Vulnerabilities CVE-2007-6601, CVE-2007-6600, CVE-2007-4769 are fixed in PostgreSQL 8.1.11 | Windows |
| Vulnerabilities CVE-2007-6601, CVE-2007-6600, CVE-2007-4769 are fixed in PostgreSQL 8.0.15 | Windows |
| Vulnerabilities CVE-2007-6601, CVE-2007-6600, CVE-2007-4769 are fixed in PostgreSQL 7.4.19 | Windows |
| Vulnerabilities CVE-2007-4769, CVE-2007-6067, CVE-2007-6601 affect PostgreSQL 8.2.4 (For Linux) | Linux |
| Vulnerabilities CVE-2007-6601, CVE-2007-6600, CVE-2007-4769 are fixed in PostgreSQL 8.2.6 (For Linux) | Linux |
| Vulnerabilities CVE-2007-6601, CVE-2007-6600, CVE-2007-4769 are fixed in PostgreSQL 8.1.11 (For Linux) | Linux |
| Vulnerabilities CVE-2007-6601, CVE-2007-6600, CVE-2007-4769 are fixed in PostgreSQL 8.0.15 (For Linux) | Linux |
| Vulnerabilities CVE-2007-6601, CVE-2007-6600, CVE-2007-4769 are fixed in PostgreSQL 7.4.19 (For Linux) | Linux |
| Postgresql-server update (ELSA-2024-10882) postgresql-server-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-pltcl update (ELSA-2024-10882) postgresql-pltcl-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-plpython update (ELSA-2024-10882) postgresql-plpython-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-plperl update (ELSA-2024-10882) postgresql-plperl-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-libs update (ELSA-2024-10882) postgresql-libs-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-libs update (ELSA-2024-10882) postgresql-libs-9.2.24-9.0.3.el7_9.i686.rpm | Linux |
| Postgresql-docs update (ELSA-2024-10882) postgresql-docs-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-devel update (ELSA-2024-10882) postgresql-devel-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql-devel update (ELSA-2024-10882) postgresql-devel-9.2.24-9.0.3.el7_9.i686.rpm | Linux |
| Postgresql-contrib update (ELSA-2024-10882) postgresql-contrib-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql update (ELSA-2024-10882) postgresql-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
| Postgresql update (ELSA-2024-10882) postgresql-9.2.24-9.0.3.el7_9.i686.rpm | Linux |
| Postgresql-test update (ELSA-2024-10882) postgresql-test-9.2.24-9.0.3.el7_9.x86_64.rpm | Linux |
Patch Details
No records found
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234