Vulnerability Details : CVE-2007-0555
PostgreSQL 7.3 before 7.3.13, 7.4 before 7.4.16, 8.0 before 8.0.11, 8.1 before 8.1.7, and 8.2 before 8.2.2 allows attackers to disable certain checks for the data types of SQL function arguments, which allows remote authenticated users to cause a denial of service (server crash) and possibly access database content.
Vulnerability category: Denial of service
Threat overview for CVE-2007-0555
Top countries where our scanners detected CVE-2007-0555
Top open port discovered on systems with this issue
5432
IPs affected by CVE-2007-0555 8,567
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2007-0555!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2007-0555
Probability of exploitation activity in the next 30 days: 0.78%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 81 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2007-0555
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
8.5
|
HIGH | AV:N/AC:L/Au:S/C:C/I:N/A:C |
8.0
|
9.2
|
NIST |
References for CVE-2007-0555
-
http://www.redhat.com/support/errata/RHSA-2007-0067.html
SupportThird Party Advisory
-
https://usn.ubuntu.com/417-1/
Third Party Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/32195
Third Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/22387
Third Party Advisory;VDB Entry
-
http://lists.rpath.com/pipermail/security-announce/2007-February/000141.html
Broken Link
-
http://fedoranews.org/cms/node/2554
Third Party Advisory
-
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102825-1
Broken Link
-
http://www.vupen.com/english/advisories/2007/0774
Third Party Advisory
-
https://issues.rpath.com/browse/RPL-830
Broken Link
-
http://security.gentoo.org/glsa/glsa-200703-15.xml
Third Party Advisory
-
https://issues.rpath.com/browse/RPL-1025
Broken Link
-
http://www.mandriva.com/security/advisories?name=MDKSA-2007:037
Broken Link
-
http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm
ASA-2007-117 (RHSA-2007-0067)Third Party Advisory
-
http://www.redhat.com/support/errata/RHSA-2007-0068.html
SupportThird Party Advisory
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9739
Third Party Advisory
-
http://www.vupen.com/english/advisories/2007/0478
Third Party Advisory
-
http://www.novell.com/linux/security/advisories/2007_10_sr.html
Third Party Advisory
-
http://www.debian.org/security/2007/dsa-1261
Third Party Advisory
-
http://www.securityfocus.com/archive/1/459448/100/0/threaded
Third Party Advisory;VDB Entry
-
http://www.securityfocus.com/archive/1/459280/100/0/threaded
Third Party Advisory;VDB Entry
-
http://www.redhat.com/support/errata/RHSA-2007-0064.html
Third Party Advisory
-
http://securitytracker.com/id?1017597
Third Party Advisory;VDB Entry
-
http://www.postgresql.org/support/security
PostgreSQL: Security InformationVendor Advisory
-
http://www.ubuntu.com/usn/usn-417-2
Third Party Advisory
-
http://www.trustix.org/errata/2007/0007
Broken Link
-
ftp://patches.sgi.com/support/free/security/advisories/20070201-01-P.asc
Third Party Advisory
Products affected by CVE-2007-0555
- cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:*:*:*:*:*:*:*:*