Multiple stack-based buffer overflows in json parsing in PostgreSQL before 9.3.x before 9.3.10 and 9.4.x before 9.4.5 allow attackers to cause a denial of service (server crash) via unspecified vectors, which are not properly handled in (1) json or (2) jsonb values.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
24 Feb 2023, 18:44
Type | Values Removed | Values Added |
---|---|---|
References | (SECTRACK) http://www.securitytracker.com/id/1033775 - Third Party Advisory, VDB Entry | |
References | (SUSE) http://lists.opensuse.org/opensuse-updates/2015-11/msg00033.html - Mailing List, Third Party Advisory | |
References | (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172316.html - Mailing List, Third Party Advisory | |
References | (CONFIRM) http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html - Third Party Advisory | |
References | (DEBIAN) http://www.debian.org/security/2015/dsa-3374 - Third Party Advisory | |
References | (GENTOO) https://security.gentoo.org/glsa/201701-33 - Third Party Advisory | |
References | (UBUNTU) http://www.ubuntu.com/usn/USN-2772-1 - Third Party Advisory | |
References | (FEDORA) http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169094.html - Mailing List, Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html - Mailing List, Third Party Advisory | |
References | (BID) http://www.securityfocus.com/bid/77048 - Third Party Advisory, VDB Entry | |
CPE | cpe:2.3:a:postgresql:postgresql:9.2.7:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.3.4:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.8:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.3.9:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.3.2:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.4.0:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.2.5:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.2.10:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.2.11:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.18:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.2.13:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.3:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.3.5:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.5:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.10:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.11:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.3.1:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.3:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.4.1:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.9:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.2.8:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.7:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.2.9:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.13:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.17:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.2.4:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.4.4:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.2:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.2.2:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.2.6:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.2.12:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.4.2:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.3.3:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.2.3:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.4.3:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.3.6:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.2:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.1:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.4:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.15:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.14:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.2.1:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.12:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.3.8:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.1.16:*:*:*:*:*:*:* cpe:2.3:a:postgresql:postgresql:9.3.7:*:*:*:*:*:*:* |
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:* cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:* |
Information
Published : 2015-10-26 14:59
Updated : 2024-02-04 18:53
NVD link : CVE-2015-5289
Mitre link : CVE-2015-5289
CVE.ORG link : CVE-2015-5289
JSON object : View
Products Affected
canonical
- ubuntu_linux
postgresql
- postgresql
debian
- debian_linux
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer