CVE-2014-0065

Published: Mar 31, 2014Modified: May 6, 2026

6.5

Vector

AV:N/AC:L/Au:S/C:P/I:P/A:P

Exploitability: 8.0 / Impact: 6.4

Source: NVD

Description

Multiple buffer overflows in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 allow remote authenticated users to have unspecified impact and attack vectors, a different vulnerability than CVE-2014-0063.

Affected (57)

Products: Postgresql: Postgresql

1 product

Configuration A

57 vulnerable

Vulnerable Software	Affected Versions
Postgresql Postgresql	Up to 8.4.19
Postgresql Postgresql	Version 8.4.10
Postgresql Postgresql	Version 8.4.11
Postgresql Postgresql	Version 8.4.12
Postgresql Postgresql	Version 8.4.13
Postgresql Postgresql	Version 8.4.14
Postgresql Postgresql	Version 8.4.15
Postgresql Postgresql	Version 8.4.16
Postgresql Postgresql	Version 8.4.17
Postgresql Postgresql	Version 8.4.18
Postgresql Postgresql	Version 8.4.1
Postgresql Postgresql	Version 8.4.2
Postgresql Postgresql	Version 8.4.3
Postgresql Postgresql	Version 8.4.4
Postgresql Postgresql	Version 8.4.5
Postgresql Postgresql	Version 8.4.6
Postgresql Postgresql	Version 8.4.7
Postgresql Postgresql	Version 8.4.8
Postgresql Postgresql	Version 8.4.9
Postgresql Postgresql	Version 9.0.10
Postgresql Postgresql	Version 9.0.11
Postgresql Postgresql	Version 9.0.12
Postgresql Postgresql	Version 9.0.13
Postgresql Postgresql	Version 9.0.14
Postgresql Postgresql	Version 9.0.15
Postgresql Postgresql	Version 9.0.1
Postgresql Postgresql	Version 9.0.2
Postgresql Postgresql	Version 9.0.3
Postgresql Postgresql	Version 9.0.4
Postgresql Postgresql	Version 9.0.5
Postgresql Postgresql	Version 9.0.6
Postgresql Postgresql	Version 9.0.7
Postgresql Postgresql	Version 9.0.8
Postgresql Postgresql	Version 9.0.9
Postgresql Postgresql	Version 9.0
Postgresql Postgresql	Version 9.1.10
Postgresql Postgresql	Version 9.1.11
Postgresql Postgresql	Version 9.1.1
Postgresql Postgresql	Version 9.1.2
Postgresql Postgresql	Version 9.1.3
Postgresql Postgresql	Version 9.1.4
Postgresql Postgresql	Version 9.1.5
Postgresql Postgresql	Version 9.1.6
Postgresql Postgresql	Version 9.1.7
Postgresql Postgresql	Version 9.1.8
Postgresql Postgresql	Version 9.1.9
Postgresql Postgresql	Version 9.1
Postgresql Postgresql	Version 9.2.1
Postgresql Postgresql	Version 9.2.2
Postgresql Postgresql	Version 9.2.3
Postgresql Postgresql	Version 9.2.4
Postgresql Postgresql	Version 9.2.5
Postgresql Postgresql	Version 9.2.6
Postgresql Postgresql	Version 9.2
Postgresql Postgresql	Version 9.3.1
Postgresql Postgresql	Version 9.3.2
Postgresql Postgresql	Version 9.3

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (34)

http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html

Source: secalert@redhat.com

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html

Source: secalert@redhat.com

http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2014-0211.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2014-0221.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2014-0249.html

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2014-0469.html

Source: secalert@redhat.com

http://support.apple.com/kb/HT6448

Source: secalert@redhat.com

http://wiki.postgresql.org/wiki/20140220securityrelease

Source: secalert@redhat.com

Vendor Advisory

http://www.debian.org/security/2014/dsa-2864

Source: secalert@redhat.com

http://www.debian.org/security/2014/dsa-2865

Source: secalert@redhat.com

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Source: secalert@redhat.com

http://www.postgresql.org/about/news/1506/

Source: secalert@redhat.com

Vendor Advisory

http://www.securityfocus.com/bid/65731

Source: secalert@redhat.com

http://www.ubuntu.com/usn/USN-2120-1

Source: secalert@redhat.com

https://support.apple.com/kb/HT6536

Source: secalert@redhat.com

http://archives.neohapsis.com/archives/bugtraq/2014-10/0103.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2014-03/msg00018.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://lists.opensuse.org/opensuse-updates/2014-03/msg00038.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2014-0211.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2014-0221.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2014-0249.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://rhn.redhat.com/errata/RHSA-2014-0469.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://support.apple.com/kb/HT6448

Source: af854a3a-2127-422b-91ae-364da2661108

http://wiki.postgresql.org/wiki/20140220securityrelease

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.debian.org/security/2014/dsa-2864

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.debian.org/security/2014/dsa-2865

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.postgresql.org/about/news/1506/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/65731

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.ubuntu.com/usn/USN-2120-1

Source: af854a3a-2127-422b-91ae-364da2661108

https://support.apple.com/kb/HT6536

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.