CVE

CVE-2006-5541

Date: (C)2006-10-26   (M)2023-12-22

backend/parser/parse_coerce.c in PostgreSQL 7.4.1 through 7.4.14, 8.0.x before 8.0.9, and 8.1.x before 8.1.5 allows remote authenticated users to cause a denial of service (daemon crash) via a coercion of an unknown element to ANYARRAY.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.0
Exploit Score: 8.0
Impact Score: 2.9
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality: NONE
Integrity: NONE
Availability: PARTIAL

Reference:

SECTRACK-1017115

2006-0059

BID-20717

SECUNIA-22562

SECUNIA-22584

SECUNIA-22606

SECUNIA-22636

SECUNIA-23048

SECUNIA-23132

SECUNIA-24577

ADV-2006-4182

MDKSA-2006:194

RHSA-2007:0067

RHSA-2007:0068

SUSE-SR:2006:027

USN-369-1

USN-369-2

http://projects.commandprompt.com/public/pgsql/changeset/26457

http://support.avaya.com/elmodocs2/security/ASA-2007-117.htm

http://support.novell.com/techcenter/psdb/59650c03a8bc5ae310cd7898bd106ad2.html

http://www.postgresql.org/about/news.664

oval:org.mitre.oval:def:10905