Search Results (Refine Search)
- CPE Product Version: cpe:/a:postgresql:postgresql:7.4.5
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2005-0244 |
PostgreSQL 8.0.0 and earlier allows local users to bypass the EXECUTE permission check for functions by using the CREATE AGGREGATE command. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 6.5 MEDIUM |
CVE-2005-0246 |
The intagg contrib module for PostgreSQL 8.0.0 and earlier allows attackers to cause a denial of service (crash) via crafted arrays. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2005-0247 |
Multiple buffer overflows in gram.y for PostgreSQL 8.0.1 and earlier may allow attackers to execute arbitrary code via (1) a large number of variables in a SQL statement being handled by the read_sql_construct function, (2) a large number of INTO variables in a SELECT statement being handled by the make_select_stmt function, (3) a large number of arbitrary variables in a SELECT statement being handled by the make_select_stmt function, and (4) a large number of INTO variables in a FETCH statement being handled by the make_fetch_stmt function, a different set of vulnerabilities than CVE-2005-0245. Published: May 02, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 6.5 MEDIUM |
CVE-2004-0977 |
The make_oidjoins_check script in PostgreSQL 7.4.5 and earlier allows local users to overwrite files via a symlink attack on temporary files. Published: February 09, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2005-0245 |
Buffer overflow in gram.y for PostgreSQL 8.0.0 and earlier may allow attackers to execute arbitrary code via a large number of arguments to a refcursor function (gram.y), which leads to a heap-based buffer overflow, a different vulnerability than CVE-2005-0247. Published: February 01, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |