CVE-2007-4772

PostgreSQL 7.4-8.2.5 - Denial of Service via Regular Expression Parser

Title source: llm
STIX 2.1

Description

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows context-dependent attackers to cause a denial of service (infinite loop) via a crafted regular expression.

References (53)

Core 53
Core References
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0134.html
Third Party Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2008:004
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2008/dsa-1460
Broken Link vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1744
Patch, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27163
Broken Link x_refsource_confirm
https://issues.rpath.com/browse/RPL-1768
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0038.html
Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00016.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2013-0122.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28454
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/485864/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28359
Vendor Advisory x_refsource_confirm
http://www.postgresql.org/about/news.905
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0061
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28679
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/0109
Third Party Advisory x_refsource_confirm
http://www.vmware.com/security/advisories/VMSA-2008-0009.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28376
Broken Link vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103197-1
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28437
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28455
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28477
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29638
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28479
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29248
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39497
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2008/dsa-1463
Third Party Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2008-0040.html
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/486407/100/0/threaded
Third Party Advisory vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2008:059
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28464
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/30535
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28698
Broken Link vendor-advisory x_refsource_sunalert
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200559-1
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/493080/100/0/threaded
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/568-1/
Mailing List, Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html
Third Party Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00469.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29070
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28438
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1019157
Third Party Advisory x_refsource_confirm
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
Third Party Advisory vendor-advisory x_refsource_fedora
https://www.redhat.com/archives/fedora-package-announce/2008-January/msg00397.html
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200801-15.xml
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1071/references

Scores

EPSS 0.0028
EPSS Percentile 51.2%

Details

CWE
CWE-399
Status published
Products (7)
canonical/ubuntu_linux 6.06
canonical/ubuntu_linux 6.10
canonical/ubuntu_linux 7.04
canonical/ubuntu_linux 7.10
debian/debian_linux 3.1
postgresql/postgresql 7.4 - 7.4.19
tcl/tcl\/tk < 8.4.17
Published Jan 09, 2008
Tracked Since Feb 18, 2026