Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2012-2655

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2012-2655
Last Modified 18 Apr 2013 11:22:09
Published 18 Jul 2012 07:55:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE

CVE-2012-2655

Summary

PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural language's call handler.

Vulnerable Systems

Application

  • Postgresql 8.3

  • Postgresql 8.3.1

  • Postgresql 8.3.10

  • Postgresql 8.3.11

  • Postgresql 8.3.12

  • Postgresql 8.3.13

  • Postgresql 8.3.14

  • Postgresql 8.3.15

  • Postgresql 8.3.16

  • Postgresql 8.3.17

  • Postgresql 8.3.18

  • Postgresql 8.3.2

  • Postgresql 8.3.3

  • Postgresql 8.3.4

  • Postgresql 8.3.5

  • Postgresql 8.3.6

  • Postgresql 8.3.7

  • Postgresql 8.3.8

  • Postgresql 8.3.9

  • Postgresql 8.4

  • Postgresql 8.4.1

  • Postgresql 8.4.10

  • Postgresql 8.4.11

  • Postgresql 8.4.2

  • Postgresql 8.4.3

  • Postgresql 8.4.4

  • Postgresql 8.4.5

  • Postgresql 8.4.6

  • Postgresql 8.4.7

  • Postgresql 8.4.8

  • Postgresql 8.4.9

  • Postgresql 9.0

  • Postgresql 9.0.1

  • Postgresql 9.0.2

  • Postgresql 9.0.3

  • Postgresql 9.0.4

  • Postgresql 9.0.5

  • Postgresql 9.0.6

  • Postgresql 9.0.7

  • Postgresql 9.1

  • Postgresql 9.1.1

  • Postgresql 9.1.2

  • Postgresql 9.1.3


References

CONFIRM - http://www.postgresql.org/about/news/1398/

MANDRIVA - MDVSA-2012:092

DEBIAN - DSA-2491

REDHAT - RHSA-2012:1037

FEDORA - FEDORA-2012-8915

FEDORA - FEDORA-2012-8924

FEDORA - FEDORA-2012-8893

SUSE - openSUSE-SU-2012:1299

SUSE - openSUSE-SU-2012:1288

SUSE - openSUSE-SU-2012:1251

SECUNIA - 50718

Related Patches

Red Hat 2012:1037-01 RHSA Moderate: postgresql and postgresql84 security update for RHEL 5 x86

Red Hat 2012:1037-01 RHSA Moderate: postgresql and postgresql84 security update for RHEL 5 x86_64

Novell SUSE 2012:6697 postgresql security update for SLE 11 SP1 i586

Novell SUSE 2012:6697 postgresql security update for SLE 11 SP1 x86_64

Novell SUSE 2012:8311 postgresql security update for SLE 10 SP4 i586

Novell SUSE 2012:8311 postgresql security update for SLE 10 SP4 x86_64


Last Updated: 27 May 2016 10:54:55