CVE-2010-0733
published 2010-03-19
CVE-2010-0733: Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to cause a…
Priority P418 · low · 3.5 · CVSS 2.0
AV:N/AC:M/Au:S/C:N/I:N/A:P
EXPLOIT
EPSS: 6.90% (93.3th percentile)
Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through 8.5alpha2, allows remote authenticated users to cause a denial of service (daemon crash) via a SELECT statement with many LEFT JOIN clauses, related to certain hashtable size calculations.
Affected
79 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| postgresql | postgresql | <= 8.4.1 | — |
| postgresql | postgresql | — | — |
CVSS provenance
nvd · v2.0 · 3.5 · LOW · AV:N/AC:M/Au:S/C:N/I:N/A:P
vendor_redhat · 3.5 · LOW
Red Hat
postgresql: Integer overflow in hash table size calculation
vendor_redhat·2009-12-14·CVSS 3.5
CVE-2010-0733 [LOW] CWE-190 postgresql: Integer overflow in hash table size calculation
GHSA
GHSA-qxf5-r3fp-g7w9: Integer overflow in src/backend/executor/nodeHash
ghsa_unreviewed·2022-05-02
CVE-2010-0733 [LOW] GHSA-qxf5-r3fp-g7w9: Integer overflow in src/backend/executor/nodeHash
No detection rules found.
http://archives.postgresql.org/pgsql-bugs/2009-10/msg00277.php
http://archives.postgresql.org/pgsql-bugs/2009-10/msg00287.php
http://archives.postgresql.org/pgsql-bugs/2009-10/msg00289.php
http://archives.postgresql.org/pgsql-bugs/2009-10/msg00310.php
http://git.postgresql.org/gitweb?p=postgresql.git%3Ba=commit%3Bh=64b057e6823655fb6c5d1f24a28f236b94dd6c54
http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html
http://secunia.com/advisories/39820
http://www.openwall.com/lists/oss-security/2010/03/09/2
http://www.openwall.com/lists/oss-security/2010/03/16/10
http://www.redhat.com/support/errata/RHSA-2010-0427.html
http://www.redhat.com/support/errata/RHSA-2010-0428.html
http://www.redhat.com/support/errata/RHSA-2010-0429.html
http://www.securityfocus.com/bid/38619
http://www.vupen.com/english/advisories/2010/1197
https://bugzilla.redhat.com/show_bug.cgi?id=546621
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10691
Published 2010-03-19