Vulnerability Description
The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Postgresql | Postgresql | 7.3 |
| Tcl Tk | Tcl Tk | <= 8.4.16 |
Related Weaknesses (CWE)
References
- http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01420154
- http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00000.html
- http://secunia.com/advisories/28359Vendor Advisory
- http://secunia.com/advisories/28376Vendor Advisory
- http://secunia.com/advisories/28437Vendor Advisory
- http://secunia.com/advisories/28438Vendor Advisory
- http://secunia.com/advisories/28454Vendor Advisory
- http://secunia.com/advisories/28455Vendor Advisory
- http://secunia.com/advisories/28464Vendor Advisory
- http://secunia.com/advisories/28477
- http://secunia.com/advisories/28479Vendor Advisory
- http://secunia.com/advisories/28679Vendor Advisory
- http://secunia.com/advisories/28698Vendor Advisory
- http://secunia.com/advisories/29638Vendor Advisory
- http://security.gentoo.org/glsa/glsa-200801-15.xml
FAQ
What is CVE-2007-4769?
CVE-2007-4769 is a vulnerability with a CVSS score of 6.8 (MEDIUM). The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a de...
How severe is CVE-2007-4769?
CVE-2007-4769 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-4769?
Check the references section above for vendor advisories and patch information. Affected products include: Postgresql Postgresql, Tcl Tk Tcl Tk.