CVE-2013-0255

PostgreSQL 9.2.x before 9.2.3, 9.1.x before 9.1.8, 9.0.x before 9.0.12, 8.4.x before 8.4.16, and 8.3.x before 8.3.23 does not properly declare the enum_recv function in backend/utils/adt/enum.c, which causes it to be invoked with incorrect arguments and allows remote authenticated users to cause a denial of service (server crash) or read sensitive process memory via a crafted SQL command, which triggers an array index error and an out-of-bounds read.
Severity
UNKNOWN
AV:N/AC:L/Au:S/C:N/I:N/A:C
Atk. Vector
NETWORK
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
VendorProductVersion
postgresqlpostgresql
8.3
postgresqlpostgresql
8.3.1
postgresqlpostgresql
8.3.2
postgresqlpostgresql
8.3.3
postgresqlpostgresql
8.3.4
postgresqlpostgresql
8.3.5
postgresqlpostgresql
8.3.6
postgresqlpostgresql
8.3.7
postgresqlpostgresql
8.3.8
postgresqlpostgresql
8.3.9
postgresqlpostgresql
8.3.10
postgresqlpostgresql
8.3.11
postgresqlpostgresql
8.3.12
postgresqlpostgresql
8.3.13
postgresqlpostgresql
8.3.14
postgresqlpostgresql
8.3.15
postgresqlpostgresql
8.3.16
postgresqlpostgresql
8.3.17
postgresqlpostgresql
8.3.18
postgresqlpostgresql
8.3.19
postgresqlpostgresql
8.3.20
postgresqlpostgresql
8.3.21
postgresqlpostgresql
8.3.22
postgresqlpostgresql
8.4
postgresqlpostgresql
8.4.1
postgresqlpostgresql
8.4.2
postgresqlpostgresql
8.4.3
postgresqlpostgresql
8.4.4
postgresqlpostgresql
8.4.5
postgresqlpostgresql
8.4.6
postgresqlpostgresql
8.4.7
postgresqlpostgresql
8.4.8
postgresqlpostgresql
8.4.9
postgresqlpostgresql
8.4.10
postgresqlpostgresql
8.4.11
postgresqlpostgresql
8.4.12
postgresqlpostgresql
8.4.13
postgresqlpostgresql
8.4.14
postgresqlpostgresql
8.4.15
postgresqlpostgresql
9.0
postgresqlpostgresql
9.0.1
postgresqlpostgresql
9.0.2
postgresqlpostgresql
9.0.3
postgresqlpostgresql
9.0.4
postgresqlpostgresql
9.0.5
postgresqlpostgresql
9.0.6
postgresqlpostgresql
9.0.7
postgresqlpostgresql
9.0.8
postgresqlpostgresql
9.0.9
postgresqlpostgresql
9.0.10
postgresqlpostgresql
9.0.11
postgresqlpostgresql
9.1
postgresqlpostgresql
9.1.1
postgresqlpostgresql
9.1.2
postgresqlpostgresql
9.1.3
postgresqlpostgresql
9.1.4
postgresqlpostgresql
9.1.5
postgresqlpostgresql
9.1.6
postgresqlpostgresql
9.1.7
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
postgresql-8.2
raring
dne
quantal
dne
precise
dne
oneiric
dne
lucid
dne
hardy
ignored
postgresql-8.3
raring
dne
quantal
dne
precise
dne
oneiric
dne
lucid
dne
hardy
Fixed 8.3.23-0ubuntu8.04
released
postgresql-8.4
raring
dne
quantal
dne
precise
Fixed 8.4.16-0ubuntu12.04
released
oneiric
ignored
lucid
Fixed 8.4.16-0ubuntu10.04
released
hardy
dne
postgresql-9.1
raring
not-affected
quantal
Fixed 9.1.8-0ubuntu12.10
released
precise
Fixed 9.1.8-0ubuntu12.04
released
oneiric
Fixed 9.1.8-0ubuntu11.10
released
lucid
dne
hardy
dne
References