Algorithmic Complexity Vulnerability in PostgreSQL by The PostgreSQL Global Development Group
CVE-2007-6067

Currently unrated

Key Information:

Vendor: Postgresql
Status: Postgresql; Tcl Tk
Vendor: CVE Published:; 9 January 2008

Summary

The vulnerability in the regular expression parser of PostgreSQL affects multiple versions, allowing remote authenticated users to trigger a denial of service through crafted regular expressions that exploit algorithmic complexity. This results in significant memory consumption and potential service interruption, underscoring the need for vigilant security practices and timely software updates.

References

http://www.mandriva.com/security/advisories?name=MDVSA-20...

vendor-advisoryx_refsource_MANDRIVA

http://www.debian.org/security/2008/dsa-1460

vendor-advisoryx_refsource_DEBIAN

http://rhn.redhat.com/errata/RHSA-2013-0122.html

vendor-advisoryx_refsource_REDHAT

Timeline

Vulnerability published
Jan 9, 2008
Vulnerability Reserved
Nov 21, 2007