CVE-2010-0733

Advisory lineage Upstream: 0 Downstream: 3
Modified
Published: 19 Mar 2010, 19:00
Last modified:07 Aug 2024, 00:59

Vulnerability Summary

Overall Risk (default)
medium
26/100
CVSS Score
3.5 LOW
v2.0 (nvd)
EPSS Score
7.67% LOW
8% probability 0.00%
KEV
Not listed
Ransomware
No reports
Public exploits
1 found
Dark Web
Not detected

Timeline

19 Mar 2010, 19:00
Published
Vulnerability first disclosed
07 Aug 2024, 00:59
Last Modified
Vulnerability information updated

Description

Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with many LEFT JOIN clauses, related to certain hashtable size calculations.

CVSS Metrics

  • v2.0LOWScore: 3.5AV:N/AC:M/Au:S/C:N/I:N/A:P

EPSS Trends

Current EPSS score: 7.67% Percentile: 92%

Techniques & Countermeasures

  • CWE-189Numeric Errors

    Weaknesses in this category are related to improper calculation or conversion of numbers.

Affected Systems

  • postgresqlpostgresql

    ≤ 8.4.1 | 8.0 | 8.0.0 | 8.0.1 | 8.0.2 | 8.0.3 | 8.0.4 | 8.0.5 | 8.0.6 | 8.0.7 | 8.0.8 | 8.0.9 | 8.0.10 | 8.0.11 | 8.0.12 | 8.0.13 | 8.0.14 | 8.0.15 | 8.0.16 | 8.0.17 | 8.0.18 | 8.0.19 | 8.0.20 | 8.0.21 | 8.0.22 | 8.0.23 | 8.0.317 | 8.1 | 8.1.0 | 8.1.1 | 8.1.2 | 8.1.3 | 8.1.4 | 8.1.5 | 8.1.6 | 8.1.7 | 8.1.8 | 8.1.9 | 8.1.10 | 8.1.11 | 8.1.12 | 8.1.13 | 8.1.14 | 8.1.15 | 8.1.16 | 8.1.17 | 8.1.18 | 8.1.19 | 8.1.20 | 8.2 | 8.2.1 | 8.2.2 | 8.2.3 | 8.2.4 | 8.2.5 | 8.2.6 | 8.2.7 | 8.2.8 | 8.2.9 | 8.2.10 | 8.2.11 | 8.2.12 | 8.2.13 | 8.2.14 | 8.2.15 | 8.2.16 | 8.3 | 8.3.1 | 8.3.2 | 8.3.3 | 8.3.4 | 8.3.5 | 8.3.6 | 8.3.7 | 8.3.8 | 8.3.9 | 8.3.10 | 8.4 | 8.5 | 8.5:alpha1 | 8.5:alpha2

References (16)