1. Home
  2. CVE Database
  3. CVE-2012-2655
MEDIUM · 4.0

CVE-2012-2655

PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY...

Vulnerability Description

PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY DEFINER or (2) SET attributes to a procedural language's call handler.

CVSS Score

4.0

MEDIUM

AV:N/AC:L/Au:S/C:N/I:N/A:P
Confidentiality
NONE
Integrity
NONE
Availability
PARTIAL

Affected Products

VendorProductVersions
PostgresqlPostgresql8.3

Related Weaknesses (CWE)

CWE-399

References

FAQ

What is CVE-2012-2655?

CVE-2012-2655 is a vulnerability with a CVSS score of 4.0 (MEDIUM). PostgreSQL 8.3.x before 8.3.19, 8.4.x before 8.4.12, 9.0.x before 9.0.8, and 9.1.x before 9.1.4 allows remote authenticated users to cause a denial of service (server crash) by adding the (1) SECURITY...

How severe is CVE-2012-2655?

CVE-2012-2655 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-2655?

Check the references section above for vendor advisories and patch information. Affected products include: Postgresql Postgresql.