CVE-2005-0227

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2005-0227
PostgreSQL (pgsql) 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:S/C:P/I:P/A:P

Exploitability : 3.1 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References
Link Resource
http://archives.postgresql.org/pgsql-announce/2005-02/msg00000.php Patch Vendor Advisory
http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php Vendor Advisory
http://marc.info/?l=bugtraq&m=110726899107148&w=2 Mailing List Third Party Advisory
http://secunia.com/advisories/12948 Third Party Advisory
http://security.gentoo.org/glsa/glsa-200502-08.xml Third Party Advisory
http://www.debian.org/security/2005/dsa-668 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:040 Broken Link
http://www.novell.com/linux/security/advisories/2005_36_sudo.html Broken Link
http://www.redhat.com/support/errata/RHSA-2005-138.html Patch Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2005-150.html Third Party Advisory
http://www.securityfocus.com/bid/12411 Broken Link
http://www.trustix.org/errata/2005/0003/ Patch Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10234 Broken Link
http://archives.postgresql.org/pgsql-announce/2005-02/msg00000.php Patch Vendor Advisory
http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php Vendor Advisory
http://marc.info/?l=bugtraq&m=110726899107148&w=2 Mailing List Third Party Advisory
http://secunia.com/advisories/12948 Third Party Advisory
http://security.gentoo.org/glsa/glsa-200502-08.xml Third Party Advisory
http://www.debian.org/security/2005/dsa-668 Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2005:040 Broken Link
http://www.novell.com/linux/security/advisories/2005_36_sudo.html Broken Link
http://www.redhat.com/support/errata/RHSA-2005-138.html Patch Third Party Advisory
http://www.redhat.com/support/errata/RHSA-2005-150.html Third Party Advisory
http://www.securityfocus.com/bid/12411 Broken Link
http://www.trustix.org/errata/2005/0003/ Patch Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10234 Broken Link
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
History

20 Nov 2024, 23:54

Type Values Removed Values Added
References () http://archives.postgresql.org/pgsql-announce/2005-02/msg00000.php - Patch, Vendor Advisory () http://archives.postgresql.org/pgsql-announce/2005-02/msg00000.php - Patch, Vendor Advisory
References () http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php - Vendor Advisory () http://archives.postgresql.org/pgsql-bugs/2005-01/msg00269.php - Vendor Advisory
References () http://marc.info/?l=bugtraq&m=110726899107148&w=2 - Mailing List, Third Party Advisory () http://marc.info/?l=bugtraq&m=110726899107148&w=2 - Mailing List, Third Party Advisory
References () http://secunia.com/advisories/12948 - Third Party Advisory () http://secunia.com/advisories/12948 - Third Party Advisory
References () http://security.gentoo.org/glsa/glsa-200502-08.xml - Third Party Advisory () http://security.gentoo.org/glsa/glsa-200502-08.xml - Third Party Advisory
References () http://www.debian.org/security/2005/dsa-668 - Third Party Advisory () http://www.debian.org/security/2005/dsa-668 - Third Party Advisory
References () http://www.mandriva.com/security/advisories?name=MDKSA-2005:040 - Broken Link () http://www.mandriva.com/security/advisories?name=MDKSA-2005:040 - Broken Link
References () http://www.novell.com/linux/security/advisories/2005_36_sudo.html - Broken Link () http://www.novell.com/linux/security/advisories/2005_36_sudo.html - Broken Link
References () http://www.redhat.com/support/errata/RHSA-2005-138.html - Patch, Third Party Advisory () http://www.redhat.com/support/errata/RHSA-2005-138.html - Patch, Third Party Advisory
References () http://www.redhat.com/support/errata/RHSA-2005-150.html - Third Party Advisory () http://www.redhat.com/support/errata/RHSA-2005-150.html - Third Party Advisory
References () http://www.securityfocus.com/bid/12411 - Broken Link () http://www.securityfocus.com/bid/12411 - Broken Link
References () http://www.trustix.org/errata/2005/0003/ - Patch, Third Party Advisory () http://www.trustix.org/errata/2005/0003/ - Patch, Third Party Advisory
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10234 - Broken Link () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10234 - Broken Link
Information

Published : 2005-05-02 04:00

Updated : 2024-11-20 23:54

NVD link : CVE-2005-0227

Mitre link : CVE-2005-0227

CVE.ORG link : CVE-2005-0227

JSON object : View

Products Affected

postgresql

  • postgresql
CWE
CWE-94

Improper Control of Generation of Code ('Code Injection')