CVE-2009-0922
published 2009-03-17


Priority: P4 | 21 | medium | 4 (CVSS 2.0)
AV:N / AC:L / Au:S / C:N / I:N / A:P
EXPLOIT
EPSS: 10.24% (95.1th percentile)
PostgreSQL before 8.3.7, 8.2.13, 8.1.17, 8.0.21, and 7.4.25 allows remote authenticated users to cause a denial of service (stack consumption and crash) by triggering a failure in the conversion of a localized error message to a client-specified encoding, as demonstrated using mismatched encoding conversion requests.

Affected

5 ranges
Vendor | Product | Version range | Fixed in
postgresql | postgresql | |
postgresql | postgresql | |
postgresql | postgresql | |
postgresql | postgresql | |
postgresql | postgresql | |

CVSS provenance

nvd | v2.0 | 4.0 | MEDIUM | AV:N/AC:L/Au:S/C:N/I:N/A:P
vendor_redhat | 4.3 | MEDIUM