CVE-2005-1409

Severity

75%

Complexity

99%

Confidentiality

106%

PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability."

PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability."

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

PostgreSQL

First reported 19 years ago

2005-05-03 04:00:00

Last updated 6 years ago

2018-10-19 15:31:00

Affected Software

PostgreSQL 7.2.1

7.2.1

PostgreSQL 7.2.2

7.2.2

PostgreSQL 7.2.3

7.2.3

PostgreSQL 7.2.4

7.2.4

PostgreSQL 7.2.5

7.2.5

PostgreSQL 7.2.6

7.2.6

PostgreSQL 7.2.7

7.2.7

PostgreSQL 7.3

7.3

PostgreSQL 7.3.1

7.3.1

PostgreSQL 7.3.2

7.3.2

PostgreSQL 7.3.3

7.3.3

PostgreSQL 7.3.4

7.3.4

PostgreSQL 7.3.5

7.3.5

PostgreSQL 7.3.6

7.3.6

PostgreSQL 7.3.7

7.3.7

PostgreSQL 7.3.8

7.3.8

PostgreSQL 7.3.9

7.3.9

PostgreSQL PostgreSQL 7.4

7.4

PostgreSQL PostgreSQL 7.4.1

7.4.1

PostgreSQL PostgreSQL 7.4.2

7.4.2

PostgreSQL PostgreSQL 7.4.3

7.4.3

PostgreSQL PostgreSQL 7.4.4

7.4.4

PostgreSQL PostgreSQL 7.4.5

7.4.5

PostgreSQL PostgreSQL 7.4.6

7.4.6

PostgreSQL PostgreSQL 7.4.7

7.4.7

PostgreSQL 8.0

8.0

PostgreSQL PostgreSQL 8.0.1

8.0.1

PostgreSQL PostgreSQL 8.0.2

8.0.2

References

[pgsql-announce] 20050502 IMPORTANT: two new PostgreSQL security problems found

Patch

SUSE-SA:2005:036

http://www.postgresql.org/about/news.315

Patch

RHSA-2005:433

FLSA-2006:157366

13476

ADV-2005-0453

oval:org.mitre.oval:def:10050

oval:org.mitre.oval:def:676

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.