Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1409

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-1409
Last Modified 07 Mar 2011 09:21:44
Published 03 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1409

Summary

PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability."

Vulnerable Systems

Application

  • Postgresql 7.2.1

  • Postgresql 7.2.2

  • Postgresql 7.2.3

  • Postgresql 7.2.4

  • Postgresql 7.2.5

  • Postgresql 7.2.6

  • Postgresql 7.2.7

  • Postgresql 7.3

  • Postgresql 7.3.1

  • Postgresql 7.3.2

  • Postgresql 7.3.3

  • Postgresql 7.3.4

  • Postgresql 7.3.5

  • Postgresql 7.3.6

  • Postgresql 7.3.7

  • Postgresql 7.3.8

  • Postgresql 7.3.9

  • Postgresql 7.4

  • Postgresql 7.4.1

  • Postgresql 7.4.2

  • Postgresql 7.4.3

  • Postgresql 7.4.4

  • Postgresql 7.4.5

  • Postgresql 7.4.6

  • Postgresql 7.4.7

  • Postgresql 8.0

  • Postgresql 8.0.1

  • Postgresql 8.0.2


References

CONFIRM - http://www.postgresql.org/about/news.315

MLIST - [pgsql-announce] 20050502 IMPORTANT: two new PostgreSQL security problems found

VUPEN - ADV-2005-0453

BID - 13476

FEDORA - FLSA-2006:157366

REDHAT - RHSA-2005:433

SUSE - SUSE-SA:2005:036


Last Updated: 27 May 2016 10:40:09