CVE-2005-1409

Published: May 3, 2005Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

PostgreSQL 7.3.x through 8.0.x gives public EXECUTE access to certain character conversion functions, which allows unprivileged users to call those functions with malicious values, with unknown impact, aka the "Character conversion vulnerability."

Affected (28)

Products: Postgresql: Postgresql

1 product

Configuration A

28 vulnerable

Vulnerable Software	Affected Versions
Postgresql Postgresql	Version 7.2.1
Postgresql Postgresql	Version 7.2.2
Postgresql Postgresql	Version 7.2.3
Postgresql Postgresql	Version 7.2.4
Postgresql Postgresql	Version 7.2.5
Postgresql Postgresql	Version 7.2.6
Postgresql Postgresql	Version 7.2.7
Postgresql Postgresql	Version 7.3.1
Postgresql Postgresql	Version 7.3.2
Postgresql Postgresql	Version 7.3.3
Postgresql Postgresql	Version 7.3.4
Postgresql Postgresql	Version 7.3.5
Postgresql Postgresql	Version 7.3.6
Postgresql Postgresql	Version 7.3.7
Postgresql Postgresql	Version 7.3.8
Postgresql Postgresql	Version 7.3.9
Postgresql Postgresql	Version 7.3
Postgresql Postgresql	Version 7.4.1
Postgresql Postgresql	Version 7.4.2
Postgresql Postgresql	Version 7.4.3
Postgresql Postgresql	Version 7.4.4
Postgresql Postgresql	Version 7.4.5
Postgresql Postgresql	Version 7.4.6
Postgresql Postgresql	Version 7.4.7
Postgresql Postgresql	Version 7.4
Postgresql Postgresql	Version 8.0.1
Postgresql Postgresql	Version 8.0.2
Postgresql Postgresql	Version 8.0

References (18)

http://archives.postgresql.org/pgsql-announce/2005-05/msg00001.php

Source: secalert@redhat.com

Patch

http://www.novell.com/linux/security/advisories/2005_36_sudo.html

Source: secalert@redhat.com

http://www.postgresql.org/about/news.315

Source: secalert@redhat.com

Patch

http://www.redhat.com/support/errata/RHSA-2005-433.html

Source: secalert@redhat.com

http://www.securityfocus.com/archive/1/426302/30/6680/threaded

Source: secalert@redhat.com

http://www.securityfocus.com/bid/13476

Source: secalert@redhat.com

http://www.vupen.com/english/advisories/2005/0453

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10050

Source: secalert@redhat.com

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A676

Source: secalert@redhat.com

http://archives.postgresql.org/pgsql-announce/2005-05/msg00001.php

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.novell.com/linux/security/advisories/2005_36_sudo.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.postgresql.org/about/news.315

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.redhat.com/support/errata/RHSA-2005-433.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/426302/30/6680/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/13476

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2005/0453

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10050

Source: af854a3a-2127-422b-91ae-364da2661108

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A676

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.