Denial of Service Vulnerability in EnterpriseDB Advanced Server 8.2
CVE-2007-4639

Currently unrated

Key Information:

Vendor: Enterprisedb
Status: Enterprisedb Advanced Server
Vendor: CVE Published:; 31 August 2007

🔔 Create Enterprisedb Vulnerability Alert

What is CVE-2007-4639?

The EnterpriseDB Advanced Server 8.2 contains a vulnerability that arises from improper handling of certain debugging function calls, particularly those made before invoking pldbg_create_listener. This flaw permits remote authenticated users to trigger a denial of service scenario by causing the server daemon to crash. Additionally, the exploitation of this vulnerability could lead to arbitrary code execution by leveraging a SELECT statement that calls specific pldbg_ functions, such as pldbg_get_stack and pldbg_abort_target. These functions may result in the use of uninitialized pointers, creating risk for affected systems.

References

http://www.securityfocus.com/archive/1/478057/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://www.securityfocus.com/bid/25481

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/36328

vdb-entryx_refsource_XF

EPSS Score

16% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 31, 2007
Vulnerability Reserved
Aug 31, 2007

JSON