CVE-2016-5423
EUVD-2016-636809.12.2016, 23:59
PostgreSQL before 9.1.23, 9.2.x before 9.2.18, 9.3.x before 9.3.14, 9.4.x before 9.4.9, and 9.5.x before 9.5.4 allow remote authenticated users to cause a denial of service (NULL pointer dereference and server crash), obtain sensitive memory information, or possibly execute arbitrary code via (1) a CASE expression within the test value subexpression of another CASE or (2) inlining of an SQL function that implements the equality operator used for a CASE expression involving values of different types.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| debian | debian_linux | 8.0 |
| postgresql | postgresql | 𝑥 ≤ 9.1.22 |
| postgresql | postgresql | 9.2 |
| postgresql | postgresql | 9.2.1 |
| postgresql | postgresql | 9.2.2 |
| postgresql | postgresql | 9.2.3 |
| postgresql | postgresql | 9.2.4 |
| postgresql | postgresql | 9.2.5 |
| postgresql | postgresql | 9.2.6 |
| postgresql | postgresql | 9.2.7 |
| postgresql | postgresql | 9.2.8 |
| postgresql | postgresql | 9.2.9 |
| postgresql | postgresql | 9.2.10 |
| postgresql | postgresql | 9.2.11 |
| postgresql | postgresql | 9.2.12 |
| postgresql | postgresql | 9.2.13 |
| postgresql | postgresql | 9.2.14 |
| postgresql | postgresql | 9.2.15 |
| postgresql | postgresql | 9.2.16 |
| postgresql | postgresql | 9.2.17 |
| postgresql | postgresql | 9.3 |
| postgresql | postgresql | 9.3.1 |
| postgresql | postgresql | 9.3.2 |
| postgresql | postgresql | 9.3.3 |
| postgresql | postgresql | 9.3.4 |
| postgresql | postgresql | 9.3.5 |
| postgresql | postgresql | 9.3.6 |
| postgresql | postgresql | 9.3.7 |
| postgresql | postgresql | 9.3.8 |
| postgresql | postgresql | 9.3.9 |
| postgresql | postgresql | 9.3.10 |
| postgresql | postgresql | 9.3.11 |
| postgresql | postgresql | 9.3.12 |
| postgresql | postgresql | 9.3.13 |
| postgresql | postgresql | 9.4 |
| postgresql | postgresql | 9.4.1 |
| postgresql | postgresql | 9.4.2 |
| postgresql | postgresql | 9.4.3 |
| postgresql | postgresql | 9.4.4 |
| postgresql | postgresql | 9.4.5 |
| postgresql | postgresql | 9.4.6 |
| postgresql | postgresql | 9.4.7 |
| postgresql | postgresql | 9.4.8 |
| postgresql | postgresql | 9.5 |
| postgresql | postgresql | 9.5.1 |
| postgresql | postgresql | 9.5.2 |
| postgresql | postgresql | 9.5.3 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| postgresql-8.4 |
| ||||||||||
| postgresql-9.1 |
| ||||||||||
| postgresql-9.3 |
| ||||||||||
| postgresql-9.5 |
|
Common Weakness Enumeration
References