Description

The regular expression parser in TCL before 8.4.17, as used in PostgreSQL 8.2 before 8.2.6, 8.1 before 8.1.11, 8.0 before 8.0.15, and 7.4 before 7.4.19, allows remote authenticated users to cause a denial of service (backend crash) via an out-of-bounds backref number.

Remediation

References

CVE-2007-4769

Related Vulnerabilities

SugarCRM Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46816)

WebLogic CVE-2018-3252 Vulnerability (CVE-2018-3252)

Wordpress Plugin Backup Migration Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-36884)

GibbonEdu Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-34598)

WordPress Plugin Custom Content Type Manager Backdoor (0.9.8.8)

Severity

Medium

Classification

CVE-2007-4769

Tags

Missing Update Known Vulnerabilities