All the vulnerabilites related to tcl_tk - tcl_tk
Vulnerability from fkie_nvd
Published
2007-05-29 20:30
Modified
2024-11-21 00:31
Severity ?
Summary
Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 allows local users to gain privileges via long registry key paths.
References
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:*:*:*:*:*:*:*:*", "matchCriteriaId": "2914EB31-D780-4B50-AE06-CE6FEED865A8", "versionEndIncluding": "8.5a5", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 allows local users to gain privileges via long registry key paths." }, { "lang": "es", "value": "Desbordamiento de b\u00fafer en tcl/win/tclWinReg.c en Tcl (Tcl/Tk) anterior a 8.5a6 permite a usuarios locales obtener privilegios mediante rutas de clave de registro largas." } ], "id": "CVE-2007-2877", "lastModified": "2024-11-21T00:31:52.567", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": true, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2007-05-29T20:30:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://osvdb.org/36528" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/25401" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://sourceforge.net/project/shownotes.php?group_id=10894\u0026release_id=503937" }, { "source": "cve@mitre.org", "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1682211\u0026group_id=10894\u0026atid=110894" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34515" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/36528" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/25401" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://sourceforge.net/project/shownotes.php?group_id=10894\u0026release_id=503937" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1682211\u0026group_id=10894\u0026atid=110894" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34515" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-01-09 21:46
Modified
2024-11-21 00:39
Severity ?
Summary
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "4064A96D-84D5-4257-9981-1139CD4CD08C", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "C98290E4-2919-4492-BD14-BB24BA85C729", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "B56E9F72-6CBF-4784-89CD-435A030AC0B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "6DEF0FE5-EFCF-448E-B6BD-95FDDD4E17FD", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "03B480F0-8FFC-4463-ADC6-95906751811C", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "629881D2-2A6D-4461-8C35-6EE575B63E6E", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "B5A19EB5-A1AF-4293-854D-347CD21065DA", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "B18ED293-B408-435F-9D1F-2365A2E51022", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "E7106B29-76F3-43FD-BF57-4693D5B55076", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "16B804CD-AE47-4B46-9B37-7F46D4C9A332", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "D23E89A3-551D-42E2-90EC-59A9DAB4F854", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.13:*:*:*:*:*:*:*", "matchCriteriaId": "2FC46594-100B-459F-BCB7-1FA9D0719D76", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.14:*:*:*:*:*:*:*", "matchCriteriaId": "AECD278B-55A7-4BCC-8AF1-004F02A96BD7", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.15:*:*:*:*:*:*:*", "matchCriteriaId": "95DB94EF-32AE-4DD9-A9A4-4F7D4BE5F1AC", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.16:*:*:*:*:*:*:*", "matchCriteriaId": "DE0ED225-91C8-4FA6-9E33-A1D1AA99AA9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.19:*:*:*:*:*:*:*", "matchCriteriaId": "99679F07-ED44-47EE-AD51-3139F30B88DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "FBE2567C-BF48-4255-9E56-590A6F9DD932", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "0C8DDD98-9A2D-402D-9172-F3C4C4C97FEF", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "20C8302B-631A-4DF7-839B-C6F3CC39E000", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FB318EB9-1B49-452A-92CF-89D9BA990AB9", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "5913A53B-7B72-4CBD-ADAE-318333EB8B7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "815E58C0-327D-4F14-B496-05FC8179627E", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "3EF2D056-5120-4F98-8343-4EC31F962CFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "516E0E86-3D8A-43F9-9DD5-865F5C889FC4", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "5A7A9D3C-4BB6-4974-BF96-6E6728196F4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "486EDE1B-37E0-4DDF-BFC9-C8C8945D5E2A", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "A7FC7F18-B227-4C46-9A33-FB34DDE456CC", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "BCDB903F-0C89-4E65-857E-553CF9C192E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "F6BF8B1E-68F7-4F27-AD1F-FA02B256BDAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "CD0DEB63-CA70-44C1-9491-E0790D1A8E21", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "DA8E73E5-BA41-4FA2-8457-803A97FB00C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "4975D8ED-7DCB-430F-98E1-DB165D6DA7E1", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.17:*:*:*:*:*:*:*", "matchCriteriaId": "CCBF8CDE-5E75-4DF8-AE1A-B7377953917A", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "94222D76-82BE-4FFB-BE4B-5DBAF3080D4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "91D1232E-4D0A-4BDC-99F6-25AEE014E9AE", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "105E9F52-D17E-4A0B-9C46-FD32A930B1E6", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0DE2055D-AAA4-4A6A-918F-349A9749AF09", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "C12409B2-161B-4F78-B7AD-3CF69DDCC574", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "DD2F1DA4-6625-469D-988B-5457B68851A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "E2E26D52-D95A-4547-BE6E-4F142F54A624", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "4AAB2D1D-BE61-4D7C-B305-58B4F4126620", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "2A5F8D8B-34C5-4EBC-BB20-4D11191238B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "EEE16023-9A5E-46D5-B597-E6885C224786", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "BCF2794E-6B48-496B-B6CA-CDC7FC2160CA", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.317:*:*:*:*:*:*:*", "matchCriteriaId": "C8E78663-EBEA-4C00-9CD0-2115676C86E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "FEEC35A2-B17C-46EC-8697-9E03568339BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "6B52D093-7867-4FE8-B055-D8190103A1E6", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "DF1A06EE-26BD-4CDA-AEB9-01124FC37E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "FF855730-C61C-4FDC-96CB-57775A903421", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "992C3EC0-4C12-4FB0-8844-9EFB91DA95E3", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "8E3EBF1D-D5BD-4A22-B76A-2BAB21534E70", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "02DC4E8A-A728-4734-B67A-C58C37DA90C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "7213327F-6909-43A7-952E-11600C28D4E3", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "D9F645F3-9767-4FD8-94EB-1096DF24E6C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "C342A823-EF6F-4557-9F9E-D8893EA4C2BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "B85A443F-0802-412F-9AEE-3525311C93D4", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:*:*:*:*:*:*:*:*", "matchCriteriaId": "8A797831-3F58-45FD-86F7-5B0A9AA038DB", "versionEndIncluding": "8.4.16", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted \"complex\" regular expression with doubly-nested states." }, { "lang": "es", "value": "Vulnerabilidad de complejidad algor\u00edtmica en el analizador de la expresi\u00f3n regular en TCL en versiones anteriores a 8.4.17, tal como se utiliza en PostgreSQL 8.2 en versiones anteriores a 8.2.6, 8.1 en versiones anteriores a 8.1.11, 8.0 en versiones anteriores a 8.0.15 y 7.4 en versiones anteriores a 7.4.19, permite a usuarios remotos autenticados provocar una denegaci\u00f3n de servicio (consumo de memoria) a trav\u00e9s de una expresi\u00f3n regular \"compleja\" manipulada con estados doblemente anidados." } ], "id": "CVE-2007-6067", "lastModified": "2024-11-21T00:39:18.020", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-01-09T21:46:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "source": "cve@mitre.org", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "source": "cve@mitre.org", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html" }, { "source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2013-0122.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28359" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/28376" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/28437" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/28438" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/28454" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/28455" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/28464" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/28477" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/28479" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/28679" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/28698" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/29638" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200801-15.xml" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1019157" }, { "source": "cve@mitre.org", "url": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894" }, { "source": "cve@mitre.org", "tags": [ "Exploit" ], "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1460" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1463" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004" }, { "source": "cve@mitre.org", "url": "http://www.postgresql.org/about/news.905" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/27163" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0061" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/0109" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1071/references" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39498" }, { "source": "cve@mitre.org", "url": "https://issues.rpath.com/browse/RPL-1768" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10235" }, { "source": "cve@mitre.org", "url": "https://usn.ubuntu.com/568-1/" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2013-0122.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28359" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28376" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28437" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28438" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28454" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28455" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28464" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28477" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28479" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28698" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29638" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200801-15.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1019157" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Exploit" ], "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1460" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.postgresql.org/about/news.905" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/27163" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0061" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/0109" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1071/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39498" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1768" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10235" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/568-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-02-07 21:00
Modified
2024-11-21 00:42
Severity ?
Summary
Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:*:*:*:*:*:*:*:*", "matchCriteriaId": "4DF6AAA4-A3BD-4436-B5A5-070AC79F260D", "versionEndIncluding": "8.4.17", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "5F06FEF3-A290-4256-ADB7-BC6E59A57852", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:3.3:*:*:*:*:*:*:*", "matchCriteriaId": "8F451113-3A1C-455C-A328-149121C8C204", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:4.0p1:*:*:*:*:*:*:*", "matchCriteriaId": "13A85D7C-DF70-4AF6-94F0-881D35082E48", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "E131184A-BD9E-41CF-B3D0-AB9E87834C25", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.1p1:*:*:*:*:*:*:*", "matchCriteriaId": "546DC29B-2A50-420A-AECD-EF526363AF2E", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "25B5AC3C-9F3E-499F-9EA7-5A0F9A889934", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "9819E03A-8A9E-4483-BBEB-4B3708798960", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "57D7BBC1-70C7-4509-B9A7-4B08615B1BBF", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "8CCF8D59-9712-4C55-A680-7DD7C17EE8C6", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "EF4B0EEA-735E-4BB6-96E4-133F293A7295", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "E2545F45-2F35-442B-84BA-DC7649E55672", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "77D4364D-9BB0-47A2-BFA6-37C369C3E6B8", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "A799BDBF-A56B-4125-A385-5FF87A0B069A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "FD4DCB1D-DD71-4C85-97E6-55AB467A8CBC", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.5:*:*:*:*:*:*:*", "matchCriteriaId": "509225EF-4423-45AE-AC86-5CF7188DF7B1", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.5p1:*:*:*:*:*:*:*", "matchCriteriaId": "7B924063-CD33-44ED-BBB6-42FC6A12BD8A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.6:*:*:*:*:*:*:*", "matchCriteriaId": "0C9F9F96-DE6F-4B77-8715-360543E95E19", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:7.6p2:*:*:*:*:*:*:*", "matchCriteriaId": "F297D4B0-40DE-4728-B840-584441AB809B", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "65C60D84-229A-43CA-8481-5634A3CFBF1E", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "05182123-3F45-4936-A7F1-5B1328C81C13", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "F9583698-C566-40DF-912F-325454C74F85", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "92E514C1-574A-41B3-84AB-50014CDAEE40", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.0p2:*:*:*:*:*:*:*", "matchCriteriaId": "A43DF20C-5EE3-45AC-A4B9-8C0DC9EC1840", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.1:*:*:*:*:*:*:*", "matchCriteriaId": "6A3CFE21-4641-4982-9791-ABD3FE1311BF", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F5FFF507-18EE-4C64-BB86-48C97D7C9CD6", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "C64F535C-A346-456F-AD99-8B135121390C", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "F4B6F5E4-CE71-4359-8F05-4DF63E31BF6E", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "49767838-28BB-4B95-B70C-CD945B3E6559", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "2CEA597D-65CA-43B4-9742-F8FA7EB1CDB4", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "1734A66C-D961-4740-82F4-F93B6D502C8B", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "78F9AD15-E604-4048-97C2-480AF00BE3C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "1C10E232-F532-4F2E-9DA7-44C10719CAC2", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "7A9E15B7-5018-4941-8DC9-A6FC84262F31", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "6BB3FDAD-D0AD-410B-9FB3-001978DA0AE4", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "4793F51C-293F-4A56-8789-B04FE3CBA958", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "270A67C9-96BC-4B36-8B66-2EFFB7708C6C", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "955AA2E1-9B15-431C-8A24-DC2A06E24715", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "03F55BFF-E9E1-4C97-A0DB-5F905406C55E", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "8536661B-E5A9-4D08-BC0E-0770A37E0545", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "574D7E14-49CE-478F-BD12-804F13146E2F", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "5165B956-F82A-4500-8B04-ADA0A100C4EB", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "37CB2CB3-BBC6-4F69-BDEB-53377444BD61", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "56710692-2D3A-4FB1-A3FD-8875946B7130", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "219B6B61-C2CE-418B-81A0-C9CEE6B9474A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "18EA39DD-B688-420B-A0EC-CE6F99DE2BE3", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "6103F8D2-277F-4ECF-B72C-90E97896758B", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "85C5C1CF-6DAF-4521-AFE9-606A5436C40A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "B70C2629-E2C1-422D-BDFA-1E0495A5ED4C", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "89651A15-A000-42A8-9268-4014BF34410A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "A4B54926-8A20-4743-9F9B-D255A84FE6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "39901A5E-7CB4-42C8-90A1-25487BA0FC4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "DA3ECB75-5962-4362-98CF-CC31F72ED021", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4a2:*:*:*:*:*:*:*", "matchCriteriaId": "E0689AA7-2B44-4202-B782-E47612115700", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4a3:*:*:*:*:*:*:*", "matchCriteriaId": "BC2BA9A0-AE55-4F30-B27D-E48F2371F29F", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4a4:*:*:*:*:*:*:*", "matchCriteriaId": "EC8A3AA4-2236-40BA-99BB-A215B69230A5", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4b1:*:*:*:*:*:*:*", "matchCriteriaId": "2D892065-8B50-48FE-8716-09F351104FAC", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4b2:*:*:*:*:*:*:*", "matchCriteriaId": "0EDEEDB4-DA0A-45EF-A8BA-079671E10F8A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "1EE930FC-E77F-4EB8-A3B8-E4B1A6433BFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5_a3:*:*:*:*:*:*:*", "matchCriteriaId": "DA27B876-A7F8-4805-B653-21D31D06CFB1", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a1:*:*:*:*:*:*:*", "matchCriteriaId": "E2872DCD-CD4E-4341-BE3F-0CED3F06B934", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a2:*:*:*:*:*:*:*", "matchCriteriaId": "6D3DE5A6-F00A-4AA5-9974-B8D2B1DE1084", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a3:*:*:*:*:*:*:*", "matchCriteriaId": "514AD04E-39AE-49FB-AB26-B425F1D5B34D", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a4:*:*:*:*:*:*:*", "matchCriteriaId": "7FE837C2-2C20-4F8B-A92C-0F5D97974522", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a5:*:*:*:*:*:*:*", "matchCriteriaId": "DA678572-F6AE-4CC3-AE58-D420D695A297", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5a6:*:*:*:*:*:*:*", "matchCriteriaId": "C8D643E2-5344-4B34-AD4B-20B4870E40F9", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5b1:*:*:*:*:*:*:*", "matchCriteriaId": "41FEC657-2316-45B6-B9DC-1F87C9A74CB9", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5b2:*:*:*:*:*:*:*", "matchCriteriaId": "DCEDEAA3-3EA8-4BF4-8A27-4F485AD60E15", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.5b3:*:*:*:*:*:*:*", "matchCriteriaId": "7D387207-B013-4D8A-82C4-F4B6FB004E09", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484." }, { "lang": "es", "value": "Un desbordamiento de b\u00fafer en la regi\u00f3n stack de la memoria en la funci\u00f3n ReadImage en el archivo tkImgGIF.c en Tk (Tcl/Tk) versiones anteriores a 8.5.1, permite a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de una imagen GIF dise\u00f1ada, un problema similar a CVE-2006-4484." } ], "id": "CVE-2008-0553", "lastModified": "2024-11-21T00:42:22.263", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-02-07T21:00:00.000", "references": [ { "source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html" }, { "source": "secalert@redhat.com", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/28784" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28807" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28848" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28857" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28867" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28954" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/29069" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/29070" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/29622" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30129" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30188" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30535" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30717" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30783" }, { "source": "secalert@redhat.com", "url": "http://secunia.com/advisories/32608" }, { "source": "secalert@redhat.com", "url": "http://securitytracker.com/id?1019309" }, { "source": "secalert@redhat.com", "url": "http://sourceforge.net/project/shownotes.php?release_id=573933\u0026group_id=10894" }, { "source": "secalert@redhat.com", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1" }, { "source": "secalert@redhat.com", "url": "http://ubuntu.com/usn/usn-664-1" }, { "source": "secalert@redhat.com", "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0054" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2008/dsa-1490" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2008/dsa-1491" }, { "source": "secalert@redhat.com", "url": "http://www.debian.org/security/2008/dsa-1598" }, { "source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:041" }, { "source": "secalert@redhat.com", "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2008-0135.html" }, { "source": "secalert@redhat.com", "url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/488069/100/0/threaded" }, { "source": "secalert@redhat.com", "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded" }, { "source": "secalert@redhat.com", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/27655" }, { "source": "secalert@redhat.com", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0430" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/1456/references" }, { "source": "secalert@redhat.com", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/1744" }, { "source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=431518" }, { "source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-2215" }, { "source": "secalert@redhat.com", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html" }, { "source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/28784" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28807" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28848" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28857" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28867" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28954" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/29069" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/29070" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/29622" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30129" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30188" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30535" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30717" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/30783" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/32608" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1019309" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceforge.net/project/shownotes.php?release_id=573933\u0026group_id=10894" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://ubuntu.com/usn/usn-664-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0054" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1490" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1491" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1598" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:041" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0135.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/488069/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/27655" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0430" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/1456/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/1744" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=431518" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-2215" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html" } ], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2007-09-28 21:17
Modified
2024-11-21 00:37
Severity ?
Summary
Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for CVE-2007-5378.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "89651A15-A000-42A8-9268-4014BF34410A", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "A4B54926-8A20-4743-9F9B-D255A84FE6FC", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:8.4.15:*:*:*:*:*:*:*", "matchCriteriaId": "39901A5E-7CB4-42C8-90A1-25487BA0FC4D", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for CVE-2007-5378." }, { "lang": "es", "value": "Un desbordamiento de b\u00fafer en la funci\u00f3n ReadImage en el archivo generic/tkImgGIF.c en Tcl (Tcl/Tk) versiones 8.4.13 hasta 8.4.15, permite a atacantes remotos ejecutar c\u00f3digo arbitrario por medio de archivos GIF entrelazados de m\u00falti-trama en los que las tramas posteriores son m\u00e1s peque\u00f1as que la primera. NOTA: este problema es debido a un parche incorrecto para CVE-2007-5378." } ], "id": "CVE-2007-5137", "lastModified": "2024-11-21T00:37:12.693", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true } ] }, "published": "2007-09-28T21:17:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://bugs.gentoo.org/show_bug.cgi?id=192539" }, { "source": "cve@mitre.org", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/26942" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/27086" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/27182" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/27207" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/27229" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/27295" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/29069" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/34297" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200710-07.xml" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://sourceforge.net/project/shownotes.php?release_id=541207" }, { "source": "cve@mitre.org", "url": "http://www.attrition.org/pipermail/vim/2007-October/001826.html" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2009/dsa-1743" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:200" }, { "source": "cve@mitre.org", "url": "http://www.novell.com/linux/security/advisories/2007_20_sr.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/25826" }, { "source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/usn-529-1" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9540" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00261.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://bugs.gentoo.org/show_bug.cgi?id=192539" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch", "Vendor Advisory" ], "url": "http://secunia.com/advisories/26942" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27086" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27182" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27207" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27229" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/27295" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/29069" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/34297" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200710-07.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://sourceforge.net/project/shownotes.php?release_id=541207" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.attrition.org/pipermail/vim/2007-October/001826.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2009/dsa-1743" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:200" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.novell.com/linux/security/advisories/2007_20_sr.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/25826" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/usn-529-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9540" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00261.html" } ], "sourceIdentifier": "cve@mitre.org", "vendorComments": [ { "comment": "Red Hat is aware of this issue and is tracking it via the following bug:\nhttps://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=CVE-2007-5137\n\nThe Red Hat Security Response Team has rated this issue as having low security impact, a future update may address this flaw.", "lastModified": "2007-10-09T00:00:00", "organization": "Red Hat" } ], "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-119" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
Vulnerability from fkie_nvd
Published
2008-01-09 21:46
Modified
2024-11-21 00:36
Severity ?
Summary
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.
References
Impacted products
{ "configurations": [ { "nodes": [ { "cpeMatch": [ { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "4064A96D-84D5-4257-9981-1139CD4CD08C", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "C98290E4-2919-4492-BD14-BB24BA85C729", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "B56E9F72-6CBF-4784-89CD-435A030AC0B0", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "6DEF0FE5-EFCF-448E-B6BD-95FDDD4E17FD", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.4:*:*:*:*:*:*:*", "matchCriteriaId": "03B480F0-8FFC-4463-ADC6-95906751811C", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "629881D2-2A6D-4461-8C35-6EE575B63E6E", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "B5A19EB5-A1AF-4293-854D-347CD21065DA", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "B18ED293-B408-435F-9D1F-2365A2E51022", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.10:*:*:*:*:*:*:*", "matchCriteriaId": "E7106B29-76F3-43FD-BF57-4693D5B55076", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.11:*:*:*:*:*:*:*", "matchCriteriaId": "16B804CD-AE47-4B46-9B37-7F46D4C9A332", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.12:*:*:*:*:*:*:*", "matchCriteriaId": "D23E89A3-551D-42E2-90EC-59A9DAB4F854", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.13:*:*:*:*:*:*:*", "matchCriteriaId": "2FC46594-100B-459F-BCB7-1FA9D0719D76", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.14:*:*:*:*:*:*:*", "matchCriteriaId": "AECD278B-55A7-4BCC-8AF1-004F02A96BD7", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.15:*:*:*:*:*:*:*", "matchCriteriaId": "95DB94EF-32AE-4DD9-A9A4-4F7D4BE5F1AC", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.16:*:*:*:*:*:*:*", "matchCriteriaId": "DE0ED225-91C8-4FA6-9E33-A1D1AA99AA9F", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.3.19:*:*:*:*:*:*:*", "matchCriteriaId": "99679F07-ED44-47EE-AD51-3139F30B88DB", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4:*:*:*:*:*:*:*", "matchCriteriaId": "FBE2567C-BF48-4255-9E56-590A6F9DD932", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "0C8DDD98-9A2D-402D-9172-F3C4C4C97FEF", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "20C8302B-631A-4DF7-839B-C6F3CC39E000", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "FB318EB9-1B49-452A-92CF-89D9BA990AB9", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "5913A53B-7B72-4CBD-ADAE-318333EB8B7B", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "815E58C0-327D-4F14-B496-05FC8179627E", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "3EF2D056-5120-4F98-8343-4EC31F962CFE", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.7:*:*:*:*:*:*:*", "matchCriteriaId": "516E0E86-3D8A-43F9-9DD5-865F5C889FC4", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.8:*:*:*:*:*:*:*", "matchCriteriaId": "5A7A9D3C-4BB6-4974-BF96-6E6728196F4E", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.9:*:*:*:*:*:*:*", "matchCriteriaId": "486EDE1B-37E0-4DDF-BFC9-C8C8945D5E2A", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.10:*:*:*:*:*:*:*", "matchCriteriaId": "A7FC7F18-B227-4C46-9A33-FB34DDE456CC", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.11:*:*:*:*:*:*:*", "matchCriteriaId": "BCDB903F-0C89-4E65-857E-553CF9C192E8", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.12:*:*:*:*:*:*:*", "matchCriteriaId": "F6BF8B1E-68F7-4F27-AD1F-FA02B256BDAA", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.13:*:*:*:*:*:*:*", "matchCriteriaId": "CD0DEB63-CA70-44C1-9491-E0790D1A8E21", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.14:*:*:*:*:*:*:*", "matchCriteriaId": "DA8E73E5-BA41-4FA2-8457-803A97FB00C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.16:*:*:*:*:*:*:*", "matchCriteriaId": "4975D8ED-7DCB-430F-98E1-DB165D6DA7E1", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:7.4.17:*:*:*:*:*:*:*", "matchCriteriaId": "CCBF8CDE-5E75-4DF8-AE1A-B7377953917A", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "94222D76-82BE-4FFB-BE4B-5DBAF3080D4D", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "91D1232E-4D0A-4BDC-99F6-25AEE014E9AE", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "105E9F52-D17E-4A0B-9C46-FD32A930B1E6", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "0DE2055D-AAA4-4A6A-918F-349A9749AF09", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "C12409B2-161B-4F78-B7AD-3CF69DDCC574", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "DD2F1DA4-6625-469D-988B-5457B68851A9", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.7:*:*:*:*:*:*:*", "matchCriteriaId": "E2E26D52-D95A-4547-BE6E-4F142F54A624", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.8:*:*:*:*:*:*:*", "matchCriteriaId": "4AAB2D1D-BE61-4D7C-B305-58B4F4126620", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.9:*:*:*:*:*:*:*", "matchCriteriaId": "2A5F8D8B-34C5-4EBC-BB20-4D11191238B5", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.11:*:*:*:*:*:*:*", "matchCriteriaId": "EEE16023-9A5E-46D5-B597-E6885C224786", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.13:*:*:*:*:*:*:*", "matchCriteriaId": "BCF2794E-6B48-496B-B6CA-CDC7FC2160CA", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.0.317:*:*:*:*:*:*:*", "matchCriteriaId": "C8E78663-EBEA-4C00-9CD0-2115676C86E0", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "FEEC35A2-B17C-46EC-8697-9E03568339BC", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "6B52D093-7867-4FE8-B055-D8190103A1E6", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "DF1A06EE-26BD-4CDA-AEB9-01124FC37E37", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "FF855730-C61C-4FDC-96CB-57775A903421", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "992C3EC0-4C12-4FB0-8844-9EFB91DA95E3", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "8E3EBF1D-D5BD-4A22-B76A-2BAB21534E70", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "02DC4E8A-A728-4734-B67A-C58C37DA90C1", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.2:*:*:*:*:*:*:*", "matchCriteriaId": "7213327F-6909-43A7-952E-11600C28D4E3", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "D9F645F3-9767-4FD8-94EB-1096DF24E6C3", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "C342A823-EF6F-4557-9F9E-D8893EA4C2BA", "vulnerable": true }, { "criteria": "cpe:2.3:a:postgresql:postgresql:8.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "B85A443F-0802-412F-9AEE-3525311C93D4", "vulnerable": true }, { "criteria": "cpe:2.3:a:tcl_tk:tcl_tk:*:*:*:*:*:*:*:*", "matchCriteriaId": "8A797831-3F58-45FD-86F7-5B0A9AA038DB", "versionEndIncluding": "8.4.16", "vulnerable": true } ], "negate": false, "operator": "OR" } ] } ], "cveTags": [], "descriptions": [ { "lang": "en", "value": "The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number." }, { "lang": "es", "value": "El analizador de expresiones regulares en TCL versiones anteriores a 8.4.17, como es usado en PostgreSQL versiones 8.2 anteriores a 8.2.6,versiones 8.1 anteriores a 8.1.11, versiones 8.0 anteriores a 8.0.15 y versiones 7.4 anteriores a 7.4.19, permite a usuarios autenticados remotos causar una denegaci\u00f3n de servicio (bloqueo del backend) por medio de un n\u00famero backref fuera de l\u00edmites." } ], "id": "CVE-2007-4769", "lastModified": "2024-11-21T00:36:24.357", "metrics": { "cvssMetricV2": [ { "acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 6.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:C", "version": "2.0" }, "exploitabilityScore": 8.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false } ] }, "published": "2008-01-09T21:46:00.000", "references": [ { "source": "cve@mitre.org", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "source": "cve@mitre.org", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28359" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28376" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28437" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28438" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28454" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28455" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28464" }, { "source": "cve@mitre.org", "url": "http://secunia.com/advisories/28477" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28479" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28679" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28698" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/29638" }, { "source": "cve@mitre.org", "url": "http://security.gentoo.org/glsa/glsa-200801-15.xml" }, { "source": "cve@mitre.org", "url": "http://securitytracker.com/id?1019157" }, { "source": "cve@mitre.org", "url": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894" }, { "source": "cve@mitre.org", "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1" }, { "source": "cve@mitre.org", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1460" }, { "source": "cve@mitre.org", "url": "http://www.debian.org/security/2008/dsa-1463" }, { "source": "cve@mitre.org", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004" }, { "source": "cve@mitre.org", "url": "http://www.postgresql.org/about/news.905" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html" }, { "source": "cve@mitre.org", "url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded" }, { "source": "cve@mitre.org", "url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded" }, { "source": "cve@mitre.org", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/27163" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0061" }, { "source": "cve@mitre.org", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0109" }, { "source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2008/1071/references" }, { "source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39499" }, { "source": "cve@mitre.org", "url": "https://issues.rpath.com/browse/RPL-1768" }, { "source": "cve@mitre.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9804" }, { "source": "cve@mitre.org", "url": "https://usn.ubuntu.com/568-1/" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html" }, { "source": "cve@mitre.org", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28359" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28376" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28437" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28438" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28454" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28455" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28464" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/28477" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28479" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28679" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/28698" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://secunia.com/advisories/29638" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://security.gentoo.org/glsa/glsa-200801-15.xml" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://securitytracker.com/id?1019157" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1460" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.debian.org/security/2008/dsa-1463" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.postgresql.org/about/news.905" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Patch" ], "url": "http://www.securityfocus.com/bid/27163" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0061" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "tags": [ "Vendor Advisory" ], "url": "http://www.vupen.com/english/advisories/2008/0109" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/1071/references" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39499" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-1768" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9804" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://usn.ubuntu.com/568-1/" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html" }, { "source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html" } ], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [ { "description": [ { "lang": "en", "value": "CWE-189" } ], "source": "nvd@nist.gov", "type": "Primary" } ] }
cve-2007-2877
Vulnerability from cvelistv5
Published
2007-05-29 20:00
Modified
2024-08-07 13:57
Severity ?
EPSS score ?
Summary
Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 allows local users to gain privileges via long registry key paths.
References
▼ | URL | Tags |
---|---|---|
http://sourceforge.net/tracker/index.php?func=detail&aid=1682211&group_id=10894&atid=110894 | x_refsource_CONFIRM | |
http://osvdb.org/36528 | vdb-entry, x_refsource_OSVDB | |
http://sourceforge.net/project/shownotes.php?group_id=10894&release_id=503937 | x_refsource_CONFIRM | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/34515 | vdb-entry, x_refsource_XF | |
http://secunia.com/advisories/25401 | third-party-advisory, x_refsource_SECUNIA |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T13:57:54.288Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1682211\u0026group_id=10894\u0026atid=110894" }, { "name": "36528", "tags": [ "vdb-entry", "x_refsource_OSVDB", "x_transferred" ], "url": "http://osvdb.org/36528" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/project/shownotes.php?group_id=10894\u0026release_id=503937" }, { "name": "tcl-tclwinreg-bo(34515)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34515" }, { "name": "25401", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/25401" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-03-16T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 allows local users to gain privileges via long registry key paths." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-07-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1682211\u0026group_id=10894\u0026atid=110894" }, { "name": "36528", "tags": [ "vdb-entry", "x_refsource_OSVDB" ], "url": "http://osvdb.org/36528" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/project/shownotes.php?group_id=10894\u0026release_id=503937" }, { "name": "tcl-tclwinreg-bo(34515)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34515" }, { "name": "25401", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/25401" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-2877", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in tcl/win/tclWinReg.c in Tcl (Tcl/Tk) before 8.5a6 allows local users to gain privileges via long registry key paths." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1682211\u0026group_id=10894\u0026atid=110894", "refsource": "CONFIRM", "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1682211\u0026group_id=10894\u0026atid=110894" }, { "name": "36528", "refsource": "OSVDB", "url": "http://osvdb.org/36528" }, { "name": "http://sourceforge.net/project/shownotes.php?group_id=10894\u0026release_id=503937", "refsource": "CONFIRM", "url": "http://sourceforge.net/project/shownotes.php?group_id=10894\u0026release_id=503937" }, { "name": "tcl-tclwinreg-bo(34515)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/34515" }, { "name": "25401", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/25401" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-2877", "datePublished": "2007-05-29T20:00:00", "dateReserved": "2007-05-29T00:00:00", "dateUpdated": "2024-08-07T13:57:54.288Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2008-0553
Vulnerability from cvelistv5
Published
2008-02-07 20:00
Modified
2024-08-07 07:46
Severity ?
EPSS score ?
Summary
Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T07:46:55.146Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "30129", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30129" }, { "name": "28784", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28784" }, { "name": "RHSA-2008:0134", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html" }, { "name": "DSA-1598", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1598" }, { "name": "20080212 rPSA-2008-0054-1 tk", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/488069/100/0/threaded" }, { "name": "ADV-2008-1744", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/1744" }, { "name": "29622", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29622" }, { "name": "27655", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/27655" }, { "name": "SUSE-SR:2008:008", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html" }, { "name": "USN-664-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://ubuntu.com/usn/usn-664-1" }, { "name": "ADV-2008-1456", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/1456/references" }, { "name": "28857", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28857" }, { "name": "30783", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30783" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-2215" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html" }, { "name": "oval:org.mitre.oval:def:10098", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098" }, { "name": "DSA-1490", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1490" }, { "name": "237465", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1" }, { "name": "RHSA-2008:0136", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=431518" }, { "name": "ADV-2008-0430", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0430" }, { "name": "28954", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28954" }, { "name": "30535", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30535" }, { "name": "30188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30188" }, { "name": "FEDORA-2008-1131", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/project/shownotes.php?release_id=573933\u0026group_id=10894" }, { "name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded" }, { "name": "FEDORA-2008-1384", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html" }, { "name": "FEDORA-2008-1122", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html" }, { "name": "32608", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/32608" }, { "name": "29070", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29070" }, { "name": "FEDORA-2008-3545", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html" }, { "name": "28848", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28848" }, { "name": "RHSA-2008:0135", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0135.html" }, { "name": "29069", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29069" }, { "name": "FEDORA-2008-1323", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html" }, { "name": "28867", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28867" }, { "name": "1019309", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1019309" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0054" }, { "name": "MDVSA-2008:041", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:041" }, { "name": "DSA-1491", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1491" }, { "name": "28807", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28807" }, { "name": "SUSE-SR:2008:013", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html" }, { "name": "30717", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/30717" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-02-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-15T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "30129", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30129" }, { "name": "28784", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28784" }, { "name": "RHSA-2008:0134", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html" }, { "name": "DSA-1598", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1598" }, { "name": "20080212 rPSA-2008-0054-1 tk", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/488069/100/0/threaded" }, { "name": "ADV-2008-1744", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/1744" }, { "name": "29622", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29622" }, { "name": "27655", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/27655" }, { "name": "SUSE-SR:2008:008", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html" }, { "name": "USN-664-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://ubuntu.com/usn/usn-664-1" }, { "name": "ADV-2008-1456", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/1456/references" }, { "name": "28857", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28857" }, { "name": "30783", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30783" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-2215" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html" }, { "name": "oval:org.mitre.oval:def:10098", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098" }, { "name": "DSA-1490", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1490" }, { "name": "237465", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1" }, { "name": "RHSA-2008:0136", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=431518" }, { "name": "ADV-2008-0430", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0430" }, { "name": "28954", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28954" }, { "name": "30535", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30535" }, { "name": "30188", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30188" }, { "name": "FEDORA-2008-1131", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/project/shownotes.php?release_id=573933\u0026group_id=10894" }, { "name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded" }, { "name": "FEDORA-2008-1384", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html" }, { "name": "FEDORA-2008-1122", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html" }, { "name": "32608", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/32608" }, { "name": "29070", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29070" }, { "name": "FEDORA-2008-3545", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html" }, { "name": "28848", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28848" }, { "name": "RHSA-2008:0135", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0135.html" }, { "name": "29069", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29069" }, { "name": "FEDORA-2008-1323", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html" }, { "name": "28867", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28867" }, { "name": "1019309", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1019309" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0054" }, { "name": "MDVSA-2008:041", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:041" }, { "name": "DSA-1491", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1491" }, { "name": "28807", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28807" }, { "name": "SUSE-SR:2008:013", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html" }, { "name": "30717", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/30717" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "secalert@redhat.com", "ID": "CVE-2008-0553", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Stack-based buffer overflow in the ReadImage function in tkImgGIF.c in Tk (Tcl/Tk) before 8.5.1 allows remote attackers to execute arbitrary code via a crafted GIF image, a similar issue to CVE-2006-4484." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "30129", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30129" }, { "name": "28784", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28784" }, { "name": "RHSA-2008:0134", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0134.html" }, { "name": "DSA-1598", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1598" }, { "name": "20080212 rPSA-2008-0054-1 tk", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/488069/100/0/threaded" }, { "name": "ADV-2008-1744", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1744" }, { "name": "29622", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29622" }, { "name": "27655", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27655" }, { "name": "SUSE-SR:2008:008", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html" }, { "name": "USN-664-1", "refsource": "UBUNTU", "url": "http://ubuntu.com/usn/usn-664-1" }, { "name": "ADV-2008-1456", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1456/references" }, { "name": "28857", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28857" }, { "name": "30783", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30783" }, { "name": "https://issues.rpath.com/browse/RPL-2215", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-2215" }, { "name": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2008-0009.html" }, { "name": "oval:org.mitre.oval:def:10098", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10098" }, { "name": "DSA-1490", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1490" }, { "name": "237465", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-237465-1" }, { "name": "RHSA-2008:0136", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=431518", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=431518" }, { "name": "ADV-2008-0430", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0430" }, { "name": "28954", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28954" }, { "name": "30535", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30535" }, { "name": "30188", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30188" }, { "name": "FEDORA-2008-1131", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00132.html" }, { "name": "http://sourceforge.net/project/shownotes.php?release_id=573933\u0026group_id=10894", "refsource": "CONFIRM", "url": "http://sourceforge.net/project/shownotes.php?release_id=573933\u0026group_id=10894" }, { "name": "20080604 VMSA-2008-0009 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/493080/100/0/threaded" }, { "name": "FEDORA-2008-1384", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00205.html" }, { "name": "FEDORA-2008-1122", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00193.html" }, { "name": "32608", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/32608" }, { "name": "29070", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29070" }, { "name": "FEDORA-2008-3545", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-May/msg00116.html" }, { "name": "28848", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28848" }, { "name": "RHSA-2008:0135", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0135.html" }, { "name": "29069", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29069" }, { "name": "FEDORA-2008-1323", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-February/msg00115.html" }, { "name": "28867", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28867" }, { "name": "1019309", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1019309" }, { "name": "http://wiki.rpath.com/Advisories:rPSA-2008-0054", "refsource": "CONFIRM", "url": "http://wiki.rpath.com/Advisories:rPSA-2008-0054" }, { "name": "MDVSA-2008:041", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:041" }, { "name": "DSA-1491", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1491" }, { "name": "28807", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28807" }, { "name": "SUSE-SR:2008:013", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2008_13_sr.html" }, { "name": "30717", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30717" } ] } } } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2008-0553", "datePublished": "2008-02-07T20:00:00", "dateReserved": "2008-02-01T00:00:00", "dateUpdated": "2024-08-07T07:46:55.146Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2007-5137
Vulnerability from cvelistv5
Published
2007-09-28 21:00
Modified
2024-08-07 15:24
Severity ?
EPSS score ?
Summary
Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for CVE-2007-5378.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T15:24:41.948Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "34297", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/34297" }, { "name": "oval:org.mitre.oval:def:9540", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9540" }, { "name": "FEDORA-2007-2564", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00261.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=192539" }, { "name": "26942", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/26942" }, { "name": "27086", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27086" }, { "name": "RHSA-2008:0136", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html" }, { "name": "MDKSA-2007:200", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:200" }, { "name": "DSA-1743", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2009/dsa-1743" }, { "name": "GLSA-200710-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200710-07.xml" }, { "name": "27295", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27295" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/project/shownotes.php?release_id=541207" }, { "name": "27229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27229" }, { "name": "USN-529-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/usn-529-1" }, { "name": "27182", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27182" }, { "name": "20071012 clarification on multiple Tk overflow issues", "tags": [ "mailing-list", "x_refsource_VIM", "x_transferred" ], "url": "http://www.attrition.org/pipermail/vim/2007-October/001826.html" }, { "name": "29069", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29069" }, { "name": "27207", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/27207" }, { "name": "SUSE-SR:2007:020", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://www.novell.com/linux/security/advisories/2007_20_sr.html" }, { "name": "25826", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/25826" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2007-09-27T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for CVE-2007-5378." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-28T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "34297", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/34297" }, { "name": "oval:org.mitre.oval:def:9540", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9540" }, { "name": "FEDORA-2007-2564", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00261.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://bugs.gentoo.org/show_bug.cgi?id=192539" }, { "name": "26942", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/26942" }, { "name": "27086", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27086" }, { "name": "RHSA-2008:0136", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html" }, { "name": "MDKSA-2007:200", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:200" }, { "name": "DSA-1743", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2009/dsa-1743" }, { "name": "GLSA-200710-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200710-07.xml" }, { "name": "27295", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27295" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/project/shownotes.php?release_id=541207" }, { "name": "27229", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27229" }, { "name": "USN-529-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/usn-529-1" }, { "name": "27182", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27182" }, { "name": "20071012 clarification on multiple Tk overflow issues", "tags": [ "mailing-list", "x_refsource_VIM" ], "url": "http://www.attrition.org/pipermail/vim/2007-October/001826.html" }, { "name": "29069", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29069" }, { "name": "27207", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/27207" }, { "name": "SUSE-SR:2007:020", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://www.novell.com/linux/security/advisories/2007_20_sr.html" }, { "name": "25826", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/25826" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-5137", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in the ReadImage function in generic/tkImgGIF.c in Tcl (Tcl/Tk) 8.4.13 through 8.4.15 allows remote attackers to execute arbitrary code via multi-frame interlaced GIF files in which later frames are smaller than the first. NOTE: this issue is due to an incorrect patch for CVE-2007-5378." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "34297", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/34297" }, { "name": "oval:org.mitre.oval:def:9540", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9540" }, { "name": "FEDORA-2007-2564", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2007-October/msg00261.html" }, { "name": "http://bugs.gentoo.org/show_bug.cgi?id=192539", "refsource": "MISC", "url": "http://bugs.gentoo.org/show_bug.cgi?id=192539" }, { "name": "26942", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/26942" }, { "name": "27086", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27086" }, { "name": "RHSA-2008:0136", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0136.html" }, { "name": "MDKSA-2007:200", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2007:200" }, { "name": "DSA-1743", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2009/dsa-1743" }, { "name": "GLSA-200710-07", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200710-07.xml" }, { "name": "27295", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27295" }, { "name": "http://sourceforge.net/project/shownotes.php?release_id=541207", "refsource": "CONFIRM", "url": "http://sourceforge.net/project/shownotes.php?release_id=541207" }, { "name": "27229", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27229" }, { "name": "USN-529-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/usn-529-1" }, { "name": "27182", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27182" }, { "name": "20071012 clarification on multiple Tk overflow issues", "refsource": "VIM", "url": "http://www.attrition.org/pipermail/vim/2007-October/001826.html" }, { "name": "29069", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29069" }, { "name": "27207", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/27207" }, { "name": "SUSE-SR:2007:020", "refsource": "SUSE", "url": "http://www.novell.com/linux/security/advisories/2007_20_sr.html" }, { "name": "25826", "refsource": "BID", "url": "http://www.securityfocus.com/bid/25826" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-5137", "datePublished": "2007-09-28T21:00:00", "dateReserved": "2007-09-28T00:00:00", "dateUpdated": "2024-08-07T15:24:41.948Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2007-4769
Vulnerability from cvelistv5
Published
2008-01-09 21:00
Modified
2024-08-07 15:08
Severity ?
EPSS score ?
Summary
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T15:08:33.721Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MDVSA-2008:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004" }, { "name": "DSA-1460", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1460" }, { "name": "27163", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/27163" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-1768" }, { "name": "RHSA-2008:0038", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html" }, { "name": "28454", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28454" }, { "name": "20080107 PostgreSQL 2007-01-07 Cumulative Security Release", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded" }, { "name": "28359", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28359" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.postgresql.org/about/news.905" }, { "name": "SUSE-SA:2008:005", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html" }, { "name": "ADV-2008-0061", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0061" }, { "name": "28679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28679" }, { "name": "ADV-2008-0109", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0109" }, { "name": "28376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28376" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894" }, { "name": "103197", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1" }, { "name": "28437", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28437" }, { "name": "28455", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28455" }, { "name": "28477", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28477" }, { "name": "29638", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29638" }, { "name": "28479", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28479" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894" }, { "name": "DSA-1463", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1463" }, { "name": "RHSA-2008:0040", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html" }, { "name": "20080115 rPSA-2008-0016-1 postgresql postgresql-server", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded" }, { "name": "28464", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28464" }, { "name": "28698", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28698" }, { "name": "SSRT080006", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "name": "200559", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1" }, { "name": "USN-568-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/568-1/" }, { "name": "FEDORA-2008-0552", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html" }, { "name": "28438", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28438" }, { "name": "postgresql-backref-dos(39499)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39499" }, { "name": "1019157", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1019157" }, { "name": "FEDORA-2008-0478", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html" }, { "name": "HPSBTU02325", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "name": "GLSA-200801-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200801-15.xml" }, { "name": "ADV-2008-1071", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/1071/references" }, { "name": "oval:org.mitre.oval:def:9804", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9804" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MDVSA-2008:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004" }, { "name": "DSA-1460", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1460" }, { "name": "27163", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/27163" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-1768" }, { "name": "RHSA-2008:0038", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html" }, { "name": "28454", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28454" }, { "name": "20080107 PostgreSQL 2007-01-07 Cumulative Security Release", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded" }, { "name": "28359", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28359" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.postgresql.org/about/news.905" }, { "name": "SUSE-SA:2008:005", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html" }, { "name": "ADV-2008-0061", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0061" }, { "name": "28679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28679" }, { "name": "ADV-2008-0109", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0109" }, { "name": "28376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28376" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894" }, { "name": "103197", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1" }, { "name": "28437", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28437" }, { "name": "28455", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28455" }, { "name": "28477", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28477" }, { "name": "29638", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29638" }, { "name": "28479", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28479" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894" }, { "name": "DSA-1463", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1463" }, { "name": "RHSA-2008:0040", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html" }, { "name": "20080115 rPSA-2008-0016-1 postgresql postgresql-server", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded" }, { "name": "28464", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28464" }, { "name": "28698", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28698" }, { "name": "SSRT080006", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "name": "200559", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1" }, { "name": "USN-568-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/568-1/" }, { "name": "FEDORA-2008-0552", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html" }, { "name": "28438", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28438" }, { "name": "postgresql-backref-dos(39499)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39499" }, { "name": "1019157", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1019157" }, { "name": "FEDORA-2008-0478", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html" }, { "name": "HPSBTU02325", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "name": "GLSA-200801-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200801-15.xml" }, { "name": "ADV-2008-1071", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/1071/references" }, { "name": "oval:org.mitre.oval:def:9804", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9804" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-4769", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MDVSA-2008:004", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004" }, { "name": "DSA-1460", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1460" }, { "name": "27163", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27163" }, { "name": "https://issues.rpath.com/browse/RPL-1768", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-1768" }, { "name": "RHSA-2008:0038", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html" }, { "name": "28454", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28454" }, { "name": "20080107 PostgreSQL 2007-01-07 Cumulative Security Release", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded" }, { "name": "28359", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28359" }, { "name": "http://www.postgresql.org/about/news.905", "refsource": "CONFIRM", "url": "http://www.postgresql.org/about/news.905" }, { "name": "SUSE-SA:2008:005", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html" }, { "name": "ADV-2008-0061", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0061" }, { "name": "28679", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28679" }, { "name": "ADV-2008-0109", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0109" }, { "name": "28376", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28376" }, { "name": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894", "refsource": "CONFIRM", "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894" }, { "name": "103197", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1" }, { "name": "28437", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28437" }, { "name": "28455", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28455" }, { "name": "28477", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28477" }, { "name": "29638", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29638" }, { "name": "28479", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28479" }, { "name": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894", "refsource": "CONFIRM", "url": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894" }, { "name": "DSA-1463", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1463" }, { "name": "RHSA-2008:0040", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html" }, { "name": "20080115 rPSA-2008-0016-1 postgresql postgresql-server", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded" }, { "name": "28464", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28464" }, { "name": "28698", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28698" }, { "name": "SSRT080006", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "name": "200559", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1" }, { "name": "USN-568-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/568-1/" }, { "name": "FEDORA-2008-0552", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html" }, { "name": "28438", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28438" }, { "name": "postgresql-backref-dos(39499)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39499" }, { "name": "1019157", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1019157" }, { "name": "FEDORA-2008-0478", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html" }, { "name": "HPSBTU02325", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "name": "GLSA-200801-15", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200801-15.xml" }, { "name": "ADV-2008-1071", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1071/references" }, { "name": "oval:org.mitre.oval:def:9804", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9804" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-4769", "datePublished": "2008-01-09T21:00:00", "dateReserved": "2007-09-10T00:00:00", "dateUpdated": "2024-08-07T15:08:33.721Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2007-6067
Vulnerability from cvelistv5
Published
2008-01-09 21:00
Modified
2024-08-07 15:54
Severity ?
EPSS score ?
Summary
Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T15:54:26.630Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "MDVSA-2008:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004" }, { "name": "DSA-1460", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1460" }, { "name": "RHSA-2013:0122", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0122.html" }, { "name": "27163", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/27163" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://issues.rpath.com/browse/RPL-1768" }, { "name": "RHSA-2008:0038", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html" }, { "name": "postgresql-complex-expression-dos(39498)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39498" }, { "name": "28454", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28454" }, { "name": "20080107 PostgreSQL 2007-01-07 Cumulative Security Release", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded" }, { "name": "oval:org.mitre.oval:def:10235", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10235" }, { "name": "28359", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28359" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.postgresql.org/about/news.905" }, { "name": "SUSE-SA:2008:005", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html" }, { "name": "ADV-2008-0061", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0061" }, { "name": "28679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28679" }, { "name": "ADV-2008-0109", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/0109" }, { "name": "28376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28376" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894" }, { "name": "103197", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1" }, { "name": "28437", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28437" }, { "name": "28455", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28455" }, { "name": "28477", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28477" }, { "name": "29638", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/29638" }, { "name": "28479", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28479" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894" }, { "name": "DSA-1463", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2008/dsa-1463" }, { "name": "RHSA-2008:0040", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html" }, { "name": "20080115 rPSA-2008-0016-1 postgresql postgresql-server", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded" }, { "name": "28464", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28464" }, { "name": "28698", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28698" }, { "name": "SSRT080006", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "name": "200559", "tags": [ "vendor-advisory", "x_refsource_SUNALERT", "x_transferred" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1" }, { "name": "USN-568-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/568-1/" }, { "name": "FEDORA-2008-0552", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html" }, { "name": "28438", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/28438" }, { "name": "1019157", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://securitytracker.com/id?1019157" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "FEDORA-2008-0478", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html" }, { "name": "HPSBTU02325", "tags": [ "vendor-advisory", "x_refsource_HP", "x_transferred" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "name": "GLSA-200801-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "http://security.gentoo.org/glsa/glsa-200801-15.xml" }, { "name": "ADV-2008-1071", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2008/1071/references" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2008-01-06T00:00:00", "descriptions": [ { "lang": "en", "value": "Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted \"complex\" regular expression with doubly-nested states." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-10-15T20:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "MDVSA-2008:004", "tags": [ "vendor-advisory", "x_refsource_MANDRIVA" ], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004" }, { "name": "DSA-1460", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1460" }, { "name": "RHSA-2013:0122", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2013-0122.html" }, { "name": "27163", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/27163" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://issues.rpath.com/browse/RPL-1768" }, { "name": "RHSA-2008:0038", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html" }, { "name": "postgresql-complex-expression-dos(39498)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39498" }, { "name": "28454", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28454" }, { "name": "20080107 PostgreSQL 2007-01-07 Cumulative Security Release", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded" }, { "name": "oval:org.mitre.oval:def:10235", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10235" }, { "name": "28359", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28359" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.postgresql.org/about/news.905" }, { "name": "SUSE-SA:2008:005", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html" }, { "name": "ADV-2008-0061", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0061" }, { "name": "28679", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28679" }, { "name": "ADV-2008-0109", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/0109" }, { "name": "28376", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28376" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894" }, { "name": "103197", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1" }, { "name": "28437", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28437" }, { "name": "28455", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28455" }, { "name": "28477", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28477" }, { "name": "29638", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/29638" }, { "name": "28479", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28479" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894" }, { "name": "DSA-1463", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2008/dsa-1463" }, { "name": "RHSA-2008:0040", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html" }, { "name": "20080115 rPSA-2008-0016-1 postgresql postgresql-server", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded" }, { "name": "28464", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28464" }, { "name": "28698", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28698" }, { "name": "SSRT080006", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "name": "200559", "tags": [ "vendor-advisory", "x_refsource_SUNALERT" ], "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1" }, { "name": "USN-568-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/568-1/" }, { "name": "FEDORA-2008-0552", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html" }, { "name": "28438", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/28438" }, { "name": "1019157", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://securitytracker.com/id?1019157" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "FEDORA-2008-0478", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html" }, { "name": "HPSBTU02325", "tags": [ "vendor-advisory", "x_refsource_HP" ], "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "name": "GLSA-200801-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "http://security.gentoo.org/glsa/glsa-200801-15.xml" }, { "name": "ADV-2008-1071", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2008/1071/references" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2007-6067", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted \"complex\" regular expression with doubly-nested states." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "MDVSA-2008:004", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2008:004" }, { "name": "DSA-1460", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1460" }, { "name": "RHSA-2013:0122", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2013-0122.html" }, { "name": "27163", "refsource": "BID", "url": "http://www.securityfocus.com/bid/27163" }, { "name": "https://issues.rpath.com/browse/RPL-1768", "refsource": "CONFIRM", "url": "https://issues.rpath.com/browse/RPL-1768" }, { "name": "RHSA-2008:0038", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0038.html" }, { "name": "postgresql-complex-expression-dos(39498)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39498" }, { "name": "28454", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28454" }, { "name": "20080107 PostgreSQL 2007-01-07 Cumulative Security Release", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/485864/100/0/threaded" }, { "name": "oval:org.mitre.oval:def:10235", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10235" }, { "name": "28359", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28359" }, { "name": "http://www.postgresql.org/about/news.905", "refsource": "CONFIRM", "url": "http://www.postgresql.org/about/news.905" }, { "name": "SUSE-SA:2008:005", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html" }, { "name": "ADV-2008-0061", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0061" }, { "name": "28679", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28679" }, { "name": "ADV-2008-0109", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/0109" }, { "name": "28376", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28376" }, { "name": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894", "refsource": "CONFIRM", "url": "http://sourceforge.net/tracker/index.php?func=detail\u0026aid=1810264\u0026group_id=10894\u0026atid=110894" }, { "name": "103197", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1" }, { "name": "28437", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28437" }, { "name": "28455", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28455" }, { "name": "28477", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28477" }, { "name": "29638", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/29638" }, { "name": "28479", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28479" }, { "name": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894", "refsource": "CONFIRM", "url": "http://sourceforge.net/project/shownotes.php?release_id=565440\u0026group_id=10894" }, { "name": "DSA-1463", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2008/dsa-1463" }, { "name": "RHSA-2008:0040", "refsource": "REDHAT", "url": "http://www.redhat.com/support/errata/RHSA-2008-0040.html" }, { "name": "20080115 rPSA-2008-0016-1 postgresql postgresql-server", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/486407/100/0/threaded" }, { "name": "28464", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28464" }, { "name": "28698", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28698" }, { "name": "SSRT080006", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "name": "200559", "refsource": "SUNALERT", "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1" }, { "name": "USN-568-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/568-1/" }, { "name": "FEDORA-2008-0552", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html" }, { "name": "28438", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/28438" }, { "name": "1019157", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1019157" }, { "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705", "refsource": "CONFIRM", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10705" }, { "name": "FEDORA-2008-0478", "refsource": "FEDORA", "url": "https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html" }, { "name": "HPSBTU02325", "refsource": "HP", "url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154" }, { "name": "GLSA-200801-15", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-200801-15.xml" }, { "name": "ADV-2008-1071", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/1071/references" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2007-6067", "datePublished": "2008-01-09T21:00:00", "dateReserved": "2007-11-21T00:00:00", "dateUpdated": "2024-08-07T15:54:26.630Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }