CVE-2009-1341

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2009-1341
Memory leak in the dequote_bytea function in quote.c in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module before 2.0.0 for Perl allows context-dependent attackers to cause a denial of service (memory consumption) by fetching data with BYTEA columns.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References
Link Resource
http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.13.1/Changes
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://rt.cpan.org/Public/Bug/Display.html?id=21392
http://secunia.com/advisories/34909 Vendor Advisory
http://secunia.com/advisories/35058 Vendor Advisory
http://secunia.com/advisories/35685
http://security.debian.org/pool/updates/main/libd/libdbd-pg-perl/libdbd-pg-perl_1.49-2+etch1.diff.gz
http://www.debian.org/security/2009/dsa-1780
http://www.redhat.com/support/errata/RHSA-2009-0479.html
http://www.redhat.com/support/errata/RHSA-2009-1067.html
http://www.securityfocus.com/bid/34757
https://exchange.xforce.ibmcloud.com/vulnerabilities/50387
https://launchpad.net/bugs/cve/2009-1341
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9680
http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.13.1/Changes
http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html
http://rt.cpan.org/Public/Bug/Display.html?id=21392
http://secunia.com/advisories/34909 Vendor Advisory
http://secunia.com/advisories/35058 Vendor Advisory
http://secunia.com/advisories/35685
http://security.debian.org/pool/updates/main/libd/libdbd-pg-perl/libdbd-pg-perl_1.49-2+etch1.diff.gz
http://www.debian.org/security/2009/dsa-1780
http://www.redhat.com/support/errata/RHSA-2009-0479.html
http://www.redhat.com/support/errata/RHSA-2009-1067.html
http://www.securityfocus.com/bid/34757
https://exchange.xforce.ibmcloud.com/vulnerabilities/50387
https://launchpad.net/bugs/cve/2009-1341
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9680
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:debian:libdbd-pg-perl:*:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.3:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.4:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.5:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.51:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.52:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.61:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.62:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.63:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.64:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.65:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.66:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.67:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.68:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.69:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.70:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.71:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.72:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.73:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.80:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.81:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.82:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.83:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.84:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.85:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.86:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.87:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.88:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.89:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.90:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.91:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.92:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.93:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.94:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.95:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.96:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.97:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.98:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:0.99:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:1.3.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:1.3.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:1.4.0:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:1.4.1:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:1.4.2:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:1.4.3:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:1.4.4:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:1.4.5:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:1.4.6:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:1.4.7:*:*:*:*:*:*:*
cpe:2.3:a:debian:libdbd-pg-perl:1.4.8:*:*:*:*:*:*:*
History

21 Nov 2024, 01:02

Type Values Removed Values Added
References () http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.13.1/Changes - () http://cpansearch.perl.org/src/TURNSTEP/DBD-Pg-2.13.1/Changes -
References () http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html - () http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html -
References () http://rt.cpan.org/Public/Bug/Display.html?id=21392 - () http://rt.cpan.org/Public/Bug/Display.html?id=21392 -
References () http://secunia.com/advisories/34909 - Vendor Advisory () http://secunia.com/advisories/34909 - Vendor Advisory
References () http://secunia.com/advisories/35058 - Vendor Advisory () http://secunia.com/advisories/35058 - Vendor Advisory
References () http://secunia.com/advisories/35685 - () http://secunia.com/advisories/35685 -
References () http://security.debian.org/pool/updates/main/libd/libdbd-pg-perl/libdbd-pg-perl_1.49-2+etch1.diff.gz - () http://security.debian.org/pool/updates/main/libd/libdbd-pg-perl/libdbd-pg-perl_1.49-2+etch1.diff.gz -
References () http://www.debian.org/security/2009/dsa-1780 - () http://www.debian.org/security/2009/dsa-1780 -
References () http://www.redhat.com/support/errata/RHSA-2009-0479.html - () http://www.redhat.com/support/errata/RHSA-2009-0479.html -
References () http://www.redhat.com/support/errata/RHSA-2009-1067.html - () http://www.redhat.com/support/errata/RHSA-2009-1067.html -
References () http://www.securityfocus.com/bid/34757 - () http://www.securityfocus.com/bid/34757 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/50387 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/50387 -
References () https://launchpad.net/bugs/cve/2009-1341 - () https://launchpad.net/bugs/cve/2009-1341 -
References () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9680 - () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9680 -
Information

Published : 2009-04-30 20:30

Updated : 2024-11-21 01:02

NVD link : CVE-2009-1341

Mitre link : CVE-2009-1341

CVE.ORG link : CVE-2009-1341

JSON object : View

Products Affected

debian

  • libdbd-pg-perl
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor