CVE-2007-6067

Currently unrated

Key Information:

Vendor
Postgresql
Status
Postgresql
Tcl Tk
Vendor
CVE Published:
9 January 2008

Summary

Algorithmic complexity vulnerability in the regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (memory consumption) via a crafted "complex" regular expression with doubly-nested states.

References

http://www.mandriva.com/security/advisories?name=MDVSA-20...
vendor-advisoryx_refsource_MANDRIVA
http://www.debian.org/security/2008/dsa-1460
vendor-advisoryx_refsource_DEBIAN
http://rhn.redhat.com/errata/RHSA-2013-0122.html
vendor-advisoryx_refsource_REDHAT

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.